urlscan.io logo urlscan.io
SecurityTrails logo

www.startseven.xyz Open in urlscan Pro
13.251.251.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://startseven.xyz/
Effective URL: http://www.startseven.xyz/
Submission: On September 03 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 26 HTTP transactions. The main IP is 13.251.251.159, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is www.startseven.xyz.
This is the only time www.startseven.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.229.38.226 16509 (AMAZON-02)
1 13.251.251.159 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 13.229.20.70 16509 (AMAZON-02)
1 193.108.153.4 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
2 54.151.164.10 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.133 54113 (FASTLY)
1 13.225.78.38 16509 (AMAZON-02)
26 11
1    13.229.38.226 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-38-226.ap-southeast-1.compute.amazonaws.com
startseven.xyz
1    13.251.251.159 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
www.startseven.xyz
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700::6812:d44 (United States)

ASN13335 (CLOUDFLARENET, US)
w.ladicdn.com
1    2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.229.20.70 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-20-70.ap-southeast-1.compute.amazonaws.com
static.ladipage.net
1    193.108.153.4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a193-108-153-4.deploy.static.akamaitechnologies.com
meteor.tiktok.com
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    54.151.164.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-164-10.ap-southeast-1.compute.amazonaws.com
a.ladipage.com
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
spreadsheets.google.com
4    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sf19-scmcdn-va.ibytedtos.com
1    13.225.78.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-38.fra2.r.cloudfront.net
s0.ipstatp.com
Domain Requested by
7 w.ladicdn.com www.startseven.xyz
6 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.startseven.xyz
2 a.ladipage.com w.ladicdn.com
2 static.ladipage.net 2 redirects
1 s0.ipstatp.com sf19-scmcdn-va.ibytedtos.com
1 sf19-scmcdn-va.ibytedtos.com meteor.tiktok.com
1 spreadsheets.google.com w.ladicdn.com
1 meteor.tiktok.com www.startseven.xyz
1 www.googletagmanager.com www.startseven.xyz
1 fonts.googleapis.com www.startseven.xyz
1 www.startseven.xyz
1 startseven.xyz 1 redirects
26 13

This site contains links to these domains. Also see Links.

Domain
www.supershophov.live
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2020-08-19 -
2020-11-11		 3 months crt.sh
ladicdn.com
Cloudflare Inc ECC CA-3		 2020-07-13 -
2021-07-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.tiktok.com
RapidSSL RSA CA 2018		 2019-11-14 -
2022-01-12		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
a.ladipage.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.ibytedtos.com
RapidSSL RSA CA 2018		 2019-07-26 -
2020-09-23		 a year crt.sh

This page contains 1 frames:

Primary Page: http://www.startseven.xyz/
Frame ID: 34CC81ABE7BE5EA18CA98170555813CB
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://startseven.xyz/ HTTP 301
    http://www.startseven.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

26
Requests

92 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

367 kB
Transfer

774 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://startseven.xyz/ HTTP 301
    http://www.startseven.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg
Request Chain 24
  • https://static.ladipage.net/source/notify.svg HTTP 301
  • https://w.ladicdn.com/source/notify.svg

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.startseven.xyz/
Redirect Chain
  • http://startseven.xyz/
  • http://www.startseven.xyz/
114 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.startseven.xyz/
Protocol
HTTP/1.1
Server
13.251.251.159 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-251-159.ap-southeast-1.compute.amazonaws.com
Software
openresty /
Resource Hash
a690de9ae4ea47075b78aa0e67967e8bbb658bbdeae8d023b4480cfbb1fdfb96

Request headers

Host
www.startseven.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
openresty
Date
Thu, 03 Sep 2020 03:40:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Set-Cookie
LADI_CLIENT_ID=856b377b-9d75-4add-73d7-7524e1c8fd4f; Expires=Sun, 01 Sep 2030 03:40:57 GMT LADI_PAGE_VIEW=0; Expires=Sun, 01 Sep 2030 03:40:57 GMT LADI_FORM_SUBMIT=0; Expires=Sun, 01 Sep 2030 03:40:57 GMT LADI_PAGE_VIEW=1; Expires=Sun, 01 Sep 2030 03:40:57 GMT LADI_CAMP_ID=; Max-Age=0 LADI_CAMP_NAME=; Max-Age=0 LADI_CAMP_TYPE=; Max-Age=0 LADI_CAMP_ORIGIN_URL=; Max-Age=0 LADI_CAMP_TARGET_URL=; Max-Age=0 LADI_CAMP_PAGE_VIEW=; Max-Age=0 LADI_CAMP_FORM_SUBMIT=; Max-Age=0 LADI_CAMP_BEHAVIOR_PAGE_VIEW=; Max-Age=0 LADI_CAMP_BEHAVIOR_FORMSUBMIT=; Max-Age=0
Statuscode
200
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 03 Sep 2020 03:40:56 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
http://www.startseven.xyz/
css
fonts.googleapis.com/ 		7 KB
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4be9238008388da65982f6e7a4280955d9c903f204cb7ec4ca657ae64b5f50e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Sep 2020 03:40:57 GMT
server
ESF
date
Thu, 03 Sep 2020 03:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Sep 2020 03:40:57 GMT
ladipage.min.js
w.ladicdn.com/v2/source/ 		152 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.js?v=1598941181362
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77c37bfe8fba3bc08a87669729e046dd966d249cbba4f9f3272b072f8515d813

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
162491
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b2b800001762f6bd1200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cac88b1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:57 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-134521961-1
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64c9eba4c8e068aee5a464ab4bdf54bed44f5ccf2ff97ed1faf1e4e341be8913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35610
x-xss-protection
0
last-modified
Thu, 03 Sep 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Sep 2020 03:40:57 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3282254
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b54300001762f6bf4200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cedd831762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:58 GMT

Redirect headers

status
301
date
Thu, 03 Sep 2020 03:40:57 GMT
server
awselb/2.0
content-length
150
location
https://w.ladicdn.com:443/source/notify.svg
content-type
text/html
sdk.js
meteor.tiktok.com/i18n/pixel/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meteor.tiktok.com/i18n/pixel/sdk.js?sdkid=BT6CCV3NNFC0MNU60F80
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a193-108-153-4.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f5d1dff02098141f7845741820eb27f9d1736e1767eb9d434e2b100948554f98

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 03 Sep 2020 03:40:57 GMT
Content-Encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
Server
nginx
X-Tt-Logid
202009030340570101890560285EB21957
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Parent-Response-Time
276,23.54.206.4
Connection
keep-alive
X-Origin-Response-Time
8,23.48.36.66
server-timing
cdn-cache; desc=MISS, edge; dur=268, origin; dur=8, inner; dur=4
Content-Length
18474
Upstream-Caught
1599104457864470
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:03:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
239825
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:03:52 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:03:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
239823
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:03:54 GMT
mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXOhpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:03:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:50 GMT
server
sffe
age
239825
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7208
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:03:52 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:06:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:53 GMT
server
sffe
age
239682
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7292
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:06:15 GMT
ladipage.min.css
w.ladicdn.com/v2/source/ 		59 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w.ladicdn.com/v2/source/ladipage.min.css?v=1598941181362
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b12ba320d79744057a337087cb9fb09cec08a78576936f0c69bb44132823e0

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
162491
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b35f00001762f6bdd200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cbc9ef1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:57 GMT
images-20200831125740.png
w.ladicdn.com/s450x450/5ae19977f35b8f093dff12f5/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s450x450/5ae19977f35b8f093dff12f5/images-20200831125740.png
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
916485cf27b208519056ab129496e6d56cec8ed668b0d35204f093babb37e261

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b36a00001762f6bde200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cbda0c1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:57 GMT
anh-gai-xinh-dep-nhat_012902114_800x450-20200901073210.jpg
w.ladicdn.com/s1000x700/5ae19977f35b8f093dff12f5/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1000x700/5ae19977f35b8f093dff12f5/anh-gai-xinh-dep-nhat_012902114_800x450-20200901073210.jpg
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a28140591ce44fd7e91e7381326078dc4362249ba8454c1b2e8749905deefea

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b36a00001762f6bdf200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cbda0d1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:57 GMT
8a10b56129875b58c9d4e5c9b237cbb2068832c1_800x301-20200901073318.jpg
w.ladicdn.com/s1000x600/5ae19977f35b8f093dff12f5/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/s1000x600/5ae19977f35b8f093dff12f5/8a10b56129875b58c9d4e5c9b237cbb2068832c1_800x301-20200901073318.jpg
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f0f3a5cb5c5d96f68ff4b736f92f183d68ff4f511ae807904cd803cb61e443

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:58 GMT
vary
Accept-Encoding
cf-cache-status
MISS
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6b36a00001762f6be0200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc73cbda0e1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:40:58 GMT
mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOXehpKKSTj5PW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f47e5856ad7cbe9d872ce57b054a281f0410e101be9fee17cfc149620ba95878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:12:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:06 GMT
server
sffe
age
239302
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3580
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:12:35 GMT
mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v17/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFWp0bf8pkAp6a.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
074ac4556c0b06d0fb73bbd04909faccc1f60f28b2a873d34bdb0efa6b740800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.startseven.xyz
Referer
https://fonts.googleapis.com/css?family=Open%20Sans:bold,regular|Itim:bold,regular&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 31 Aug 2020 09:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
239312
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3520
x-xss-protection
0
expires
Tue, 31 Aug 2021 09:12:25 GMT
event
a.ladipage.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Protocol
H2
Server
54.151.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-164-10.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
Origin
http://www.startseven.xyz
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 03 Sep 2020 03:40:58 GMT
access-control-allow-origin
*
access-control-allow-methods
OPTIONS,POST
access-control-allow-headers
content-type,ladi_camp_form_submit,ladi_camp_form_submit_daily,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_page_view_daily,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_form_submit_daily,ladi_page_view,ladi_page_view_daily
access-control-max-age
0
apigw-requestid
SRTXljVwyQ0EJ0Q=
values
spreadsheets.google.com/feeds/list/11G4wiTRMvxg-fSRsYtutX7_ux8WjfZGYv6XcYKmc31I/1/public/ 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spreadsheets.google.com/feeds/list/11G4wiTRMvxg-fSRsYtutX7_ux8WjfZGYv6XcYKmc31I/1/public/values?alt=json
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1598941181362
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ade3a3021ed3b523eabb07dcaa4fc8365dde1d99d2d03eb21aae05ef739d99e6
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-hWcW2duwwRA/CBguSabs7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
http://www.startseven.xyz
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
last-modified
Thu, 03 Sep 2020 03:40:58 GMT
server
GSE
x-frame-options
SAMEORIGIN
vary
Accept, X-GData-Authorization, GData-Version
content-type
application/json; charset=UTF-8
gdata-version
1.0
access-control-expose-headers
Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control
private, max-age=0, must-revalidate, no-transform
content-security-policy
base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-hWcW2duwwRA/CBguSabs7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self'
x-robots-tag
noindex, nofollow, nosnippet
expires
Thu, 03 Sep 2020 03:40:58 GMT
event
a.ladipage.com/ 		43 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ladipage.com/event
Requested by
Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipage.min.js?v=1598941181362
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.164.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-164-10.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
90be1d292866bd2d976a959d9c1e4ebf99cb299fea6deb1de70d12f1812717c7

Request headers

LADI_CLIENT_ID
856b377b-9d75-4add-73d7-7524e1c8fd4f
LADI_PAGE_VIEW_DAILY
0
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT_DAILY
0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT
0
LADI_CAMP_TYPE
LADI_CAMP_FORM_SUBMIT_DAILY
0
LADI_CAMP_PAGE_VIEW_DAILY
0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
LADI_FORM_SUBMIT
0
LADI_CAMP_NAME
Content-Type
application/json
Referer
http://www.startseven.xyz/
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW
0
LADI_PAGE_VIEW
1

Response headers

status
200
date
Thu, 03 Sep 2020 03:40:58 GMT
access-control-allow-origin
*
content-length
43
apigw-requestid
SRTXni3OyQ0EJbw=
content-type
text/plain; charset=utf-8
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134521961-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
1517
date
Thu, 03 Sep 2020 03:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Thu, 03 Sep 2020 05:15:40 GMT
collect
www.google-analytics.com/j/ 		1 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1174612759&t=pageview&_s=1&dl=http%3A%2F%2Fwww.startseven.xyz%2F&ul=en-us&de=UTF-8&dt=Startseven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=918844541&gjid=426867155&cid=197629387.1599104458&tid=UA-134521961-1&_gid=1178495923.1599104458&_r=1&gtm=2ou8q1&z=924882949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Sep 2020 03:40:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://www.startseven.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j85&a=1174612759&t=event&ni=1&_s=2&dl=http%3A%2F%2Fwww.startseven.xyz%2F&ul=en-us&de=UTF-8&dt=Startseven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageScrollDepth&ea=ScrollDepth_50_percent&el=www.startseven.xyz%2F&_u=IEBAAUABAAAAAC~&jid=&gjid=&cid=197629387.1599104458&tid=UA-134521961-1&_gid=1178495923.1599104458&gtm=2ou8q1&z=1746955410
Requested by
Host: www.startseven.xyz
URL: http://www.startseven.xyz/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 02:37:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1818182
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track-log.js
sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v2/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v2/track-log.js
Requested by
Host: meteor.tiktok.com
URL: https://meteor.tiktok.com/i18n/pixel/sdk.js?sdkid=BT6CCV3NNFC0MNU60F80
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10e0217659c265583f7b96b3c0bbad388ac4a2dd232ab6073a5e53699e2dc57d

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:40:57 GMT
content-encoding
gzip
x-tt-trace-tag
id=00;cdn-cache=miss
content-md5
4EBIDVT7zIU6/8PboS3XQQ==
age
85429
x-cache
HIT
status
200
x-bdcdn-cache-status
TCP_HIT
server-timing
inner; dur=0
content-length
9458
via
1.1 varnish
x-tos-request-id
ee85e84f1814d173-abea28f
x-tos-response-time
Wed, 02 Sep 2020 03:57:08 GMT
last-modified
Wed, 02 Sep 2020 03:19:14 GMT
server
nginx
x-timer
S1599104458.986975,VS0,VE0
x-served-by
cache-hhn4062-HHN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-tt-trace-host
01c7631d4c4e8c7c0575cd2aabe97e60e32b4a0844f56720dff61fdd6dd11940e58c96791b855ce7204d9e43b28fca65dcbe43aa2179e5424e2f9b25375d7b01cd5b8b71d544631cacec013db46cd9667e
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9830
ToutiaoJSBridge.min_180413a.js
s0.ipstatp.com/js/lib/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s0.ipstatp.com/js/lib/ToutiaoJSBridge.min_180413a.js
Requested by
Host: sf19-scmcdn-va.ibytedtos.com
URL: https://sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v2/track-log.js
Protocol
HTTP/1.1
Server
13.225.78.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-38.fra2.r.cloudfront.net
Software
nginx/1.14.2 /
Resource Hash
3d0d224b8e63e7818a74209c7def0b0244f101056a870b8601a6f1e4567fda5b

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 01 Jul 2020 08:11:07 GMT
Content-Encoding
gzip
x-tt-trace-tag
id=00;cdn-cache=miss
Age
5513391
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
server-timing
inner; dur=4
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Apr 2018 07:54:18 GMT
Server
nginx/1.14.2
ETag
W/"5ad0622a-62e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
Cache-Control
max-age=7776000
x-tt-trace-host
012fe38f7cc7ec8d51d161114771938dc6124ccf6fc785202122549aab2a6e4c39ac94db4260d025220314895cbf5a52eefe82603c44bb736223f6adc3311c603660706c0dd3a5436a4d636036c3bcf882
X-Amz-Cf-Pop
FRA2-C2
Timing-Allow-Origin
*
X-Amz-Cf-Id
1hctjgefxP_czqs2mSPN9PYOxKhfEVV14jpBg0gD_fqND9382s3nUw==
Expires
Tue, 29 Sep 2020 08:11:07 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j85&a=1174612759&t=event&ni=1&_s=3&dl=http%3A%2F%2Fwww.startseven.xyz%2F&ul=en-us&de=UTF-8&dt=Startseven&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LadiPageTimeOnPage&ea=TimeOnPage_10_seconds&el=www.startseven.xyz%2F&_u=KEBAAUABAAAAAC~&jid=&gjid=&cid=197629387.1599104458&tid=UA-134521961-1&_gid=1178495923.1599104458&gtm=2ou8q1&z=1212190260
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Aug 2020 02:37:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1818192
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
notify.svg
w.ladicdn.com/source/
Redirect Chain
  • https://static.ladipage.net/source/notify.svg
  • https://w.ladicdn.com/source/notify.svg
2 KB
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w.ladicdn.com/source/notify.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

Referer
http://www.startseven.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 03:41:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3282264
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04f3a6dd8f00001762f6995200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
2592000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
5ccc740f4a3b1762-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
expires
Fri, 03 Sep 2021 03:41:08 GMT

Redirect headers

status
301
date
Thu, 03 Sep 2020 03:41:08 GMT
server
awselb/2.0
content-length
150
location
https://w.ladicdn.com:443/source/notify.svg
content-type
text/html

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| ladi_viewport boolean| ladi_is_desktop function| gtag object| dataLayer function| LadiPageScriptV2 object| Base64 object| LadiPageScript object| LadiFormApi function| parseFloatLadiPage function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Jelly boolean| _tt_config object| _taq object| _jelly_sdks object| jelly object| _tt_track object| ToutiaoJSBridge function| md5 object| VENDOR_PREFIXES

7 Cookies

Domain/Path Name / Value
.startseven.xyz/ Name: _gat_gtag_UA_134521961_1
Value: 1
.startseven.xyz/ Name: _gid
Value: GA1.2.1178495923.1599104458
.startseven.xyz/ Name: _ga
Value: GA1.2.197629387.1599104458
www.startseven.xyz/ Name: _timenow
Value: 1599104457595
www.startseven.xyz/ Name: LADI_PAGE_VIEW
Value: 1
www.startseven.xyz/ Name: LADI_FORM_SUBMIT
Value: 0
www.startseven.xyz/ Name: LADI_CLIENT_ID
Value: 856b377b-9d75-4add-73d7-7524e1c8fd4f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
fonts.googleapis.com
fonts.gstatic.com
meteor.tiktok.com
s0.ipstatp.com
sf19-scmcdn-va.ibytedtos.com
spreadsheets.google.com
startseven.xyz
static.ladipage.net
w.ladicdn.com
www.google-analytics.com
www.googletagmanager.com
www.startseven.xyz
13.225.78.38
13.229.20.70
13.229.38.226
13.251.251.159
151.101.114.133
193.108.153.4
2606:4700::6812:d44
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81e::2008
2a00:1450:4001:821::200a
54.151.164.10
074ac4556c0b06d0fb73bbd04909faccc1f60f28b2a873d34bdb0efa6b740800
10e0217659c265583f7b96b3c0bbad388ac4a2dd232ab6073a5e53699e2dc57d
15f0f3a5cb5c5d96f68ff4b736f92f183d68ff4f511ae807904cd803cb61e443
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
35327bcecf226f1e75d221cf9b537d5d8a127dd1e38298cc4596bcf638f6071a
3d0d224b8e63e7818a74209c7def0b0244f101056a870b8601a6f1e4567fda5b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6446b6826bb6136c8782e74d99a2ea78cc9cb508cf61f4020fee5415f108c7e1
64c9eba4c8e068aee5a464ab4bdf54bed44f5ccf2ff97ed1faf1e4e341be8913
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77c37bfe8fba3bc08a87669729e046dd966d249cbba4f9f3272b072f8515d813
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90be1d292866bd2d976a959d9c1e4ebf99cb299fea6deb1de70d12f1812717c7
916485cf27b208519056ab129496e6d56cec8ed668b0d35204f093babb37e261
9a28140591ce44fd7e91e7381326078dc4362249ba8454c1b2e8749905deefea
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a690de9ae4ea47075b78aa0e67967e8bbb658bbdeae8d023b4480cfbb1fdfb96
ade3a3021ed3b523eabb07dcaa4fc8365dde1d99d2d03eb21aae05ef739d99e6
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
d5b12ba320d79744057a337087cb9fb09cec08a78576936f0c69bb44132823e0
f47e5856ad7cbe9d872ce57b054a281f0410e101be9fee17cfc149620ba95878
f4be9238008388da65982f6e7a4280955d9c903f204cb7ec4ca657ae64b5f50e
f5d1dff02098141f7845741820eb27f9d1736e1767eb9d434e2b100948554f98