bjyl.s.m28n.net
2001:19f0:5001:3eef:5400:3ff:fe0f:8927  Public Scan

URL: http://bjyl.s.m28n.net/
Submission: On November 13 via manual from DE

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 44 HTTP transactions. The main IP is 2001:19f0:5001:3eef:5400:3ff:fe0f:8927, located in United States and belongs to AS-CHOOPA, US. The main domain is bjyl.s.m28n.net.
This is the only time bjyl.s.m28n.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
8 | static.diep.io (4 redirects) | bjyl.s.m28n.net, static.diep.io
6 | tpc.googlesyndication.com | bjyl.s.m28n.net, cdn.ampproject.org, securepubads.g.doubleclick.net, tpc.googlesyndication.com
6 | cdn.ampproject.org | securepubads.g.doubleclick.net
4 | pagead2.googlesyndication.com | bjyl.s.m28n.net, securepubads.g.doubleclick.net
3 | securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net, bjyl.s.m28n.net
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | bjyl.s.m28n.net | bjyl.s.m28n.net
1 | www.google.com | bjyl.s.m28n.net
1 | 19ff74c05b557664165e460ee0279021.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 | adservice.google.com | securepubads.g.doubleclick.net
1 | adservice.google.de | securepubads.g.doubleclick.net
1 | fonts.gstatic.com | fonts.googleapis.com
1 | www.googletagservices.com | bjyl.s.m28n.net
1 | apollo.miniclip.com | bjyl.s.m28n.net, apollo.miniclip.com
1 | www.googletagmanager.com | bjyl.s.m28n.net
1 | fonts.googleapis.com | bjyl.s.m28n.net
1 | c.n.m28.io | bjyl.s.m28n.net
1 | js-sec.indexww.com | bjyl.s.m28n.net
0 | api.rlcdn.com (Failed) | js-sec.indexww.com
0 | match.adsrvr.org (Failed) | js-sec.indexww.com
0 | cdn.webglstats.com (Failed) | bjyl.s.m28n.net
Total: 44 requests, 21 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
san.casalemedia.com | GeoTrust RSA CA 2018 | 2020-03-02 - 2021-04-01 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
m28.io | Cloudflare Inc ECC CA-3 | 2020-07-02 - 2021-07-02 | a year
upload.video.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-18 - 2021-08-18 | a year
miniclip.com | Amazon | 2020-08-20 - 2021-09-19 | a year
*.gstatic.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
*.google.com | GTS CA 1O1 | 2020-10-20 - 2021-01-12 | 3 months
*.google.de | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
misc-sni.google.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2020-10-28 - 2021-01-20 | 3 months

This page contains 3 frames:

Primary Page: http://bjyl.s.m28n.net/
Frame ID: 4000BAD3A506557637EF4A0354BEC0EB
Requests: 29 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Frame ID: D0D0E40C66E7B7EBA201754D740DD7BA
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 290EA3EDB5F5F8F192C43F907D3C53BB
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 44
HTTPS: 80 %
IPv6: 82 %
Domains: 18
Subdomains: 21
IPs: 18
Countries: 3
Transfer: 646 kB
Size: 1738 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://static.diep.io/pow.js?v2 HTTP 301
  • https://static.diep.io/pow.js?v2
Request Chain 6
  • http://static.diep.io/a.js?a&ad_box_ HTTP 301
  • https://static.diep.io/a.js?a&ad_box_
Request Chain 7
  • http://static.diep.io/c.js?2 HTTP 301
  • https://static.diep.io/c.js?2
Request Chain 9
  • http://apollo.miniclip.com/v1/js HTTP 307
  • https://apollo.miniclip.com/v1/js
Request Chain 14
  • http://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js HTTP 301
  • https://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bjyl.s.m28n.net/
5 KB
2 KB
Document
General
Full URL
http://bjyl.s.m28n.net/
Protocol
HTTP/1.1
Server
2001:19f0:5001:3eef:5400:3ff:fe0f:8927 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fa0f640d8e4904dee9e1c33f7c38ca2457de3342b7b0f84e2f6a493506b780c9

Request headers

Host
bjyl.s.m28n.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 13 Nov 2020 14:21:55 GMT
Content-Type
text/html
Last-Modified
Sun, 08 Nov 2020 06:48:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5fa794db-15ce"
Content-Encoding
gzip
htw-mc-diep.js
js-sec.indexww.com/ht/
122 KB
37 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/htw-mc-diep.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-135.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
41472a7f1c3d558d1565acb5322ac7bf76e0c58eb89e641f463bb0b7acbc532d

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 14:21:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Nov 2020 14:21:20 GMT
Server
Apache
ETag
"da2ca4-1e925-5b3fdbe0e6891"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
37252
Expires
Fri, 13 Nov 2020 15:21:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
130 KB
45 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af37fe3ad7a203af217db65b76b7c0931626f71e1c3a7b7163b447fdc5e4dc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45475
x-xss-protection
0
server
cafe
etag
12302490219791743052
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Nov 2020 14:21:55 GMT
sdk.js
c.n.m28.io/
4 KB
2 KB
Script
General
Full URL
https://c.n.m28.io/sdk.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bf2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414f5adc81178f465ce2432d4ae09c983a92075b42795fa3cc7b6b83ebe259ac

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
427
cf-polished
origSize=5283
status
200
cf-request-id
0663950b520000979c1b3b0000000001
last-modified
Tue, 25 Dec 2018 03:57:23 GMT
server
cloudflare
etag
W/"14a3-167e3828cb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cYrfDOuGPvGevVS4cn99lxCTasK%2BMTOMrKr1rwxDrBWvxnj1CqjJudrGp8wd7oQP%2Btyd32HNZP9Jf4%2F0rJcpBm2dAXRJj8XlGj09U7Ue68n0PVsa5Ntl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
5f1924588c16979c-FRA
cf-bgj
minify
css
fonts.googleapis.com/
2 KB
606 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:700
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45b4c56f022a9a970d3f5cf8ebc93e824bd7518ff530b6ab118d9d05a14bcd70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 14:14:23 GMT
server
ESF
date
Fri, 13 Nov 2020 14:21:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Nov 2020 14:21:55 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-101224921-4
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef9bb30e523c1bbaed65b56c0ff83a2a6bee52d5366ce59f9d42788d58d64c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38695
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Nov 2020 14:21:55 GMT
pow.js
static.diep.io/
Redirect Chain
  • http://static.diep.io/pow.js?v2
  • https://static.diep.io/pow.js?v2
612 B
1 KB
Script
General
Full URL
https://static.diep.io/pow.js?v2
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276ab2b47f32276ae30be2b8daf958509a801918fb70cc3389c89f73a0d26d43

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iW7k04E6eG7JEdWRfrns1aWqD0IfQPV%2FKoNWhfxEC1MexRip13KZiC8uabZ87zjsx3uXdVtiCY1CYg8DoNQjj%2FzEz8uiOWmsQ947%2FxV6kNTNQ95%2FZSZS5c1gwg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
cache-control
max-age=1800, immutable
cf-ray
5f192458afdd2b22-FRA
access-control-allow-origin
*
cf-request-id
0663950b6c00002b22bebc8000000001

Redirect headers

Date
Fri, 13 Nov 2020 14:21:55 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UegRSmKKoKPsw3rXMQpvl6Rzo4sT2c7VXWmDXqh9HTNVjK43n5BSBot%2FiHZGPqm3S7KknMpV498RoqzHqb%2BEsHUu67Z0CaRW1POEBW24g8rnsksLwj0o1uChKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://static.diep.io/pow.js?v2
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5f1924587dd0175a-FRA
cf-request-id
0663950b4d0000175abb073000000001
Expires
Fri, 13 Nov 2020 15:21:55 GMT
a.js
static.diep.io/
Redirect Chain
  • http://static.diep.io/a.js?a&ad_box_
  • https://static.diep.io/a.js?a&ad_box_
22 B
306 B
Script
General
Full URL
https://static.diep.io/a.js?a&ad_box_
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f4f5dea4285a0889142ef248715467863f1509fd7c63da1a40ac18e09df7e5c

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WCuPkm5O83TXXd%2BjHhJDOUAIjywcQm9kfx7gJbXD7V0bu0bcEA1gTZPvKMB2EWblgKUmWa3VJhEjrJkf20klh2Ruy0tMl25yj0XRVtGCSQ9P6%2B9TB7xepVlrgA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
cache-control
max-age=1800, immutable
cf-ray
5f192458afda2b22-FRA
access-control-allow-origin
*
cf-request-id
0663950b6c00002b22d52ef000000001

Redirect headers

Date
Fri, 13 Nov 2020 14:21:55 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8f6MRijTo5gmNGvxBt6%2FpX3o58kToFD8sC9O61xx%2BURgBVhBFJWk6XNZ9XTVOlB0P4dsFkbCvKi2lkS2bKqwq7rC4piCnYia8pQ%2BeSfmgBkpvF6%2BMz%2BkXCCr2A%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://static.diep.io/a.js?a&ad_box_
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5f19245879913258-FRA
cf-request-id
0663950b4c0000325851345000000001
Expires
Fri, 13 Nov 2020 15:21:55 GMT
c.js
static.diep.io/
Redirect Chain
  • http://static.diep.io/c.js?2
  • https://static.diep.io/c.js?2
4 KB
5 KB
Script
General
Full URL
https://static.diep.io/c.js?2
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c74e81a1d5d217657680d11330b514bb162702db6dcd738460d1c1b9ea7a55e

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
429
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=coGW2Lxvsk8t1tfJGjLEReoZb7%2Febaz4c47R0AermSYh10W453SUu3m%2Fnos%2Fmph3v%2B3J6iyyuMyRjtXEa62x%2FoTJjrnCGOinH0hpgmoj1q3AfrnW7nNCtmYr4g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
cache-control
max-age=1800, immutable
cf-ray
5f192458afde2b22-FRA
access-control-allow-origin
*
cf-request-id
0663950b6c00002b22ca222000000001

Redirect headers

Date
Fri, 13 Nov 2020 14:21:55 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJHjPU2mQYp5uwFsmKtBdylw5UARXqUkGWCk2978fJgqUGYSdxpzaimVi%2BtlDIiqzi4x6cDckahuL707KSXvFjga4kkkY2u21prYLngoJkmLJxUpEJQPtfC1Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://static.diep.io/c.js?2
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5f1924587b732c32-FRA
cf-request-id
0663950b4c00002c32681a7000000001
Expires
Fri, 13 Nov 2020 15:21:55 GMT
stat.js
cdn.webglstats.com/
0
0

js
apollo.miniclip.com/v1/
Redirect Chain
  • http://apollo.miniclip.com/v1/js
  • https://apollo.miniclip.com/v1/js
13 KB
6 KB
Script
General
Full URL
https://apollo.miniclip.com/v1/js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.217.77 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-217-77.us-west-2.compute.amazonaws.com
Software
nginx / PHP/5.6.31
Resource Hash
6038900f86562100c8cc07b92614903162734181a933961b5f01261dca395b64

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Fri, 13 Nov 2020 14:21:58 GMT
Content-Encoding
gzip
Etag
W/"1601548296-3733783334"
Last-Modified
Thu, 01 Oct 2020 10:31:36 GMT
Server
nginx
X-Powered-By
PHP/5.6.31
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200, no-cache="set-cookie"
Connection
keep-alive
Content-Length
5427
Expires
Fri, 13 Nov 2020 16:21:58 GMT

Redirect headers

Location
https://apollo.miniclip.com/v1/js
Non-Authoritative-Reason
HSTS
gpt.js
www.googletagservices.com/tag/js/
53 KB
18 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c8536ce0cb20fde041856a5af3b69f5dba5c12f961d73a63772f8992f5d10df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"692 / 528 of 1000 / last-modified: 1605269458"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18136
x-xss-protection
0
expires
Fri, 13 Nov 2020 14:21:55 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://bjyl.s.m28n.net
Referer
https://fonts.googleapis.com/css?family=Ubuntu:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 08:15:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:11 GMT
server
sffe
age
21974
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14096
x-xss-protection
0
expires
Sat, 13 Nov 2021 08:15:41 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-101224921-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3967
date
Fri, 13 Nov 2020 13:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 13 Nov 2020 15:15:48 GMT
pow_worker.js
bjyl.s.m28n.net/
7 KB
7 KB
Other
General
Full URL
http://bjyl.s.m28n.net/pow_worker.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
HTTP/1.1
Server
2001:19f0:5001:3eef:5400:3ff:fe0f:8927 , United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d57064cdc8653d6ef07e00a0dd1ba2d59e9090704b79f5f2d0b44ccdbb3d8a76

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 13 Nov 2020 14:21:55 GMT
Last-Modified
Wed, 22 Jul 2020 13:29:12 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5f183f28-1cf1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7409
build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js
static.diep.io/
Redirect Chain
  • http://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js
  • https://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js
74 KB
74 KB
Script
General
Full URL
https://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:491c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61caa2359ab04162757f02fee34c281c586df9fa3ad6af86824ddb6320ddb35b

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:55 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
418
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
status
200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gbkZJ8k9fb8MZOVubglcXrsR4BVnGrtpt3wrwy%2FNaXGfC1waGK3ltNWy%2B1U50jr0ztkYjhYp%2FLTxNcNMA3h80uzGC8wHqDpEx5btqu0z1ICFIY23gKAmVmNr3g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
cache-control
max-age=1800, immutable
cf-ray
5f192458f8692b22-FRA
access-control-allow-origin
*
cf-request-id
0663950b9700002b225bb2f000000001

Redirect headers

Date
Fri, 13 Nov 2020 14:21:55 GMT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pV29ZTknuNHVg4A%2FaaG2ZeF6xH%2BBWkV9G2QCeUXAonnFQ1hcCBrHuMEcbwA8HXSVcUiKX7%2FBRNpKagttEaxILMHsZcZJVtRDCRpAtsmVlvvuTeoOJ234PNv4ug%3D%3D"}],"group":"cf-nel","max_age":604800}
Location
https://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5f192458de6f175a-FRA
cf-request-id
0663950b850000175a2227e000000001
Expires
Fri, 13 Nov 2020 15:21:55 GMT
collect
www.google-analytics.com/j/
1 B
65 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=877158211&t=pageview&_s=1&dl=http%3A%2F%2Fbjyl.s.m28n.net%2F&ul=en-us&de=windows-1252&dt=diep.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=852813490&gjid=545053517&cid=1146212812.1605277316&tid=UA-101224921-4&_gid=1374691063.1605277316&_r=1&gtm=2oub41&z=1407048893
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 14:21:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://bjyl.s.m28n.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2020111001.js
securepubads.g.doubleclick.net/gpt/
276 KB
98 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99726
x-xss-protection
0
last-modified
Tue, 10 Nov 2020 09:44:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Nov 2020 14:21:57 GMT
build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.wasm
static.diep.io/
0
0

integrator.js
adservice.google.de/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=bjyl.s.m28n.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 14:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
169 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bjyl.s.m28n.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 14:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
341 KB
143 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3757203032231806&correlator=3902300084682610&output=ldjh&impl=fifs&eid=21068727%2C21068736%2C21067448%2C21068418&vrg=2020111001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201113&iu_parts=116850162%2CDiep.io_300x250_initial&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1604818139&dt=1605277317875&dlt=1605277315880&idt=1967&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=926&adks=1477199868&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fbjyl.s.m28n.net%2F&dssz=20&icsg=705175552&std=0&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=1146212812.1605277316&ga_sid=1605277318&ga_hid=877158211&fws=4&ohw=300&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
5fd80e3f0d97dc709fdbc3c6181bebd6d3c9dbaa3e0d57039c8d47c3f34947ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:21:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145997
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://bjyl.s.m28n.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
19ff74c05b557664165e460ee0279021.safeframe.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://19ff74c05b557664165e460ee0279021.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

push
apollo.miniclip.com/v1/data/
0
0

push
apollo.miniclip.com/v1/data/ Frame
0
0

amp4ads-v0.mjs
cdn.ampproject.org/rtv/232010270040000/ Frame D0D0
188 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46025f1e6296df84ea1351028c57a75217a4ffca14a3feb4ef694d00d9dc1779
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78881
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54015
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 16:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8d96493634e86e25"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 16:27:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame D0D0
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78881
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 16:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9b4fe327cbbf3d54"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 16:27:17 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame D0D0
90 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78881
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 16:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf57a07d51864bbe"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 16:27:17 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame D0D0
72 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ed84e4aa1f7fe5f0907cb64ee40941cf5cf83395e98292472157d2be68dbdd7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74813
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16597
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 17:35:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ae22c13c4fff7eda"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 17:35:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame D0D0
3 KB
1 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78881
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 16:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"801b33d761932546"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 16:27:17 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/232010270040000/v0/ Frame D0D0
41 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/232010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
78881
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Thu, 12 Nov 2020 16:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e6506b245eaf4710"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Nov 2021 16:27:17 GMT
truncated
/ Frame D0D0
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3285c6b7c966ce300d963e7b5b3355958b0f4ebe77d7508ae746bd6e29e1fd

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0D0
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Nov 2020 23:34:25 GMT
x-content-type-options
nosniff
server
cafe
age
53253
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 13 Nov 2020 23:34:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0D0
295 B
430 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 21:53:21 GMT
x-content-type-options
nosniff
age
59317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 21:53:21 GMT
l
www.google.com/ads/measurement/ Frame D0D0
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQxMLpTvVKwR74C3jOwl1kyEOcX11ydSOUz5duRjEcWpwwoasBC6i5uSozumDYDQzXHmWof
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame D0D0
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQDxIhZauX4-2O9f57gPk-77QCfbStfJcwozlkfUIrcPvjM4UEAEg0oHAJmCRhJOF_BegAdq2yc8DyAEJqQLlVC4LMtGzPuACAKgDAcgDCKoEyAFP0AJ6DAy_HAK6wTKQeBoLfVKzpySRl4xEYjcBV0wnCIIOs5NEAvO3uEN_TrGvZ_uA6qG3YZ9bEQmg2_bEChTzkm_JEWnc8JtyjDR3DpE0Q6sUPvGCa_wyFl1A2HAow-YHmA4dINrV3nyiM0i3o4Goujy5oadPx8VCqm_iYopUMOC2qJLBizSFcQ9MaUe9BtmE1_nNPPa8UZB0IVJbtfiuVCyakYl96fKg2f3pwKu0PfYWV82PI1OpUMyLC8swhIgV52f9FuD-FcAE2vCO9v4B4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB47JtjCoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQz-MG0ggJCIDhgFAQARgdgAoDyAsB2BMCshcaChgIARIUcHViLTYyODA5NDI4NTQ3NTkzNDQ&sigh=Rgffu8xKFb8&template_id=419&tpd=AGWhJmsNiWQ3GesEK1ln2qMmSl9M69VFYfSvFbnpzCN6ns0XQQ
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

truncated
/ Frame D0D0
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9bf54c695584c34deb52a0661163482c6e944d416158160b26f9ca4dfb9048d

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D0D0
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213dac922434a02f6f0f24ee9d27be097f1e8657758cea85f333179711e5f9d

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ Frame D0D0
39 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4712db5a3845e59705ec9ca3a9d1a13f402cc24bbcb72508ad201f8c7e893f6b

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D0D0
38 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdf86d7687d844b39471e7796433ba7a18d3dea73dcf9d2cbc3ff7e57fb3b66c

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0D0
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 11:08:58 GMT
x-content-type-options
nosniff
age
11580
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
server
cafe
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 14 Nov 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D0D0
295 B
748 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 12 Nov 2020 22:32:01 GMT
x-content-type-options
nosniff
age
56997
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
server
cafe
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 13 Nov 2020 22:32:01 GMT
rid
match.adsrvr.org/track/
0
0

identity
api.rlcdn.com/api/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame D0D0
42 B
140 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPEWvgVJ5GF1kPcHk_Hc-xQjLnvPqlQ3-kowxNJMGAX9TbpkSLpOnK2-4LzjzLwGhCb9nw90qiOKk46bU-hQNJDasE7-dO_3K4fWkUbVTf4J7uHvv3CwxJz07mT6eubNgjlPDnNCo76sW5G4JYzeuN&sai=AMfl-YSNqN9QfW5bw1jtew1btdfCxl0Rdmf_upsJe6DfAKrqqk6E-7Dt0i2IcbweFWvbpVJhFP_SUEPzaQZIPv0xi3RtrgD3dLgGv3y_OgScpiaE14eIrOarF1l2ppmmWSnB&sig=Cg0ArKJSzB2Cjt8_LviGEAE&cid=CAASPeRoS5tLiNqsbHklWrqNYqs1SqHLFREkPWJedyajswLOiQm_zUofs7IeEM2mtR17iBjfLX61HOKnMs1nNFU&id=ampim&o=650,926&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=410&tls=1410&g=100&h=100&tt=1410&r=v&avms=ampa&adk=1477199868
Requested by
Host: bjyl.s.m28n.net
URL: http://bjyl.s.m28n.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 14:22:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d37b082387ab0db27f19a6f081a14a8866685b2c1dd2ded08086016be1b1b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Nov 2020 14:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6411
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 14:22:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Fri, 13 Nov 2020 14:22:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 290E
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://bjyl.s.m28n.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://bjyl.s.m28n.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Fri, 13 Nov 2020 13:15:48 GMT
expires
Sat, 13 Nov 2021 13:15:48 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3972
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
164 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111001&jk=3757203032231806&bg=!FBelFzfNAAUoamvQKFhAHn9g9mpT3gIAAAEAUgAAAD1oAQcKAVK7IaZwJyxsJgUbu7vEaA5-w6wBaLydm4k0sQRgum4qFjKFYQOjVPhgiS9CINxxLWZvX4BUXh0q9D_ti8tcTyHlI_wvUP4WUribbmzKUDl1xEGocQGsJGqpvG_hj08YEgYtR8RwAqwbcQ_MTTk7fH1wW2_ZUFUwzyZrQK_ekZRhfE8u0F7aI28gfB611xC5qqfJAoX6uhnHxzrMVKW0qkD-iYsBRjRPqFFd6NrEpZMF7ad5E_YdBdYTRSzdOpbyUfwru6VKZxWGneONWy5dap3Ba7aIeltByGOtE8yTjcbuwZ-IAHesx3Eh2m6M-wcNMrzMQPO_YbLwz31YMzqVxQHdooSh5DrdpEs_FFIJKuYoUPDflUmcdT77BNUM6SEMVxkU3S5AAwrMXmpYCR1_T9C03sBn-8HLi1LfmNLIFsna_AeDynvC1pJX1c1YCyHitYBpAZkBt4UVe1BSV20CIyIFzAFCFes_Az4GuHJLqeqClUyy34mEIp3M2ma_624ycjfIn07i97_b86U_oU-wWC-7cgODX3k6UebMil6RjJw_AeCYI2YAw80Wla_IXg4diYXWrZ89JUHBMnAwU4RzebOi-sgK6t4NlDhT82NJh_W__irZUkX5pSug_TWrMpJuv3zG62p2kQSSdDa7mb7zLgw8U7qWaQucvYeqUbfPuwqyPBPgEEnDqAF7vNTJWyyb3PlH0A87ns3lYAMVxEta4Qckg-iGzRvknXuKbinmRqI6KCvaI_XmPlLiTSH8Hx-u6SmdyHWrIiMqCrrzYAgwVtSRy45DDkazgrBg75egBLewqv3x6C-mnvo4VxszyY0CJJb86-n33ggtFQf0xp7VqyQ2q224K-sR0MrtceU_uBaEB3Cv9la7VL0pZouAFq00F83egEW0o7z204ZMIqH1M30urRt_IuMYzy_1fA002MN4cvnMdHZ-JEk8SBV0SluczpTWnq6sqmbaEkJ333f281kSLQ4Vj2-24AL3o8S36FYA9bpAetjo9dthBgt2-VdUXS4TNcebxLpvdtS6w0g
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://bjyl.s.m28n.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Nov 2020 14:22:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
status
204
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.webglstats.com
URL
http://cdn.webglstats.com/stat.js
Domain
static.diep.io
URL
http://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.wasm
Domain
apollo.miniclip.com
URL
http://apollo.miniclip.com/v1/data/push
Domain
apollo.miniclip.com
URL
http://apollo.miniclip.com/v1/data/push
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185008
Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| trustedTypes
function| Apollo
function| MCApolloPageView
string| mc_ap_pv_c_n
object| google_js_reporting_queue
number| google_srt
object| google_ad_modifications
object| google_logging_queue
object| ggeac
boolean| google_measure_js_timing
object| google_trust_token_operation_status
object| google_reactive_ads_global_state
boolean| _gfp_a_
object| adsbygoogle
object| m28n
object| googletag
object| initialAds
object| mainAds
object| statsAds
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| m28
boolean| ads
function| setLoadingStatus
function| setTyping
function| unscale
object| gaplugins
object| gaGlobal
object| gaData
object| Module
function| connect
function| Goog_AdSense_getAdAdapterInstance
function| Goog_AdSense_OsdAdapter
object| googleToken
object| googleIMState
function| processGoogleToken
boolean| ads2
number| __google_ad_urls_id
number| google_unique_id
object| mc_ap_pv_e
object| ampInaboxPositionObserver
object| ampInaboxFrameOverlayManager
object| headertag
function| headertag_render
object| rubicontag
object| pbjs
object| GoogleGcLKhOms
object| google_image_requests

3 Cookies

Domain/Path Name / Value
.m28n.net/ Name: __gads
Value: ID=9b3bb14196072c14-22c65e9634b900da:T=1605277317:S=ALNI_Ma-GX4XxNXCiMWdaUCiUjLTA5-S6g
bjyl.s.m28n.net/ Name: MCA_SID
Value: OTZkNTVlZDAtMjViYi0xMWViLTljNmItMjM1ODhmMjZmYTAy
bjyl.s.m28n.net/ Name: MCA_VID
Value: OTZkNTM3YzAtMjViYi0xMWViLTljNmItMjM1ODhmMjZmYTAy

4 Console Messages

Source Level URL
Text
console-api log URL: http://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js(Line 1)
Message:
Downloading d.js...
console-api log URL: http://static.diep.io/build_7cfc34fd65cffe7ef51d03a8f128ea59e85dbe31.wasm.js(Line 1)
Message:
1 dependencies left
console-api info URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 http://bjyl.s.m28n.net/
console-api error URL: https://cdn.ampproject.org/rtv/232010270040000/amp4ads-v0.mjs(Line 1)
Message:
[amp-story-auto-ads:ui] Both CTA Type & CTA Url are required in ad response.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
