URL: https://shagorbd.com/
Submission: On February 18 via api from BE — Scanned from NL

Summary

This website contacted 20 IPs in 4 countries across 21 domains to perform 53 HTTP transactions. The main IP is 45.87.41.89, located in Groningen, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is shagorbd.com.
TLS certificate: Issued by R3 on February 16th 2024. Valid for: 3 months.
This is the only time shagorbd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.87.41.89 62068 (SPECTRAIP...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 5.45.74.150 58061 (SCALAXY-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 50.7.24.35 174 (COGENT-174)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 109.206.168.17 50245 (SERVEREL-AS)
4 4 109.206.162.121 50245 (SERVEREL-AS)
4 2606:4700:303... 13335 (CLOUDFLAR...)
53 20
Apex Domain
Subdomains
Transfer
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 2000
63 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
558 KB
6 greenfox.ink
greenfox.ink — Cisco Umbrella Rank: 258620
px.greenfox.ink — Cisco Umbrella Rank: 288799
9 KB
4 imcdn.co
imcdn.co — Cisco Umbrella Rank: 102965
15 KB
4 imcod.net
imcod.net
1 KB
4 wb4.xyz
1337x1.wb4.xyz
30 KB
4 jdi5.com
fastcdn.jdi5.com
counter.jdi5.com
imgcdn1.jdi5.com
5 KB
3 btc747.xyz
www1.btc747.xyz
3 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 8503
515 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2400
462 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
394 B
1 jswww.net
jswww.net — Cisco Umbrella Rank: 840703
20 KB
1 fabrate-gooklor-i-268.site
amd-cdn-1.fabrate-gooklor-i-268.site — Cisco Umbrella Rank: 201824
36 KB
1 stats.rip
revive.stats.rip — Cisco Umbrella Rank: 321448
584 B
1 ptxhzp.com
ptxhzp.com — Cisco Umbrella Rank: 89245
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
1 wivyiz.com
wivyiz.com — Cisco Umbrella Rank: 83991
1 tdmrfw.com
tdmrfw.com — Cisco Umbrella Rank: 78425
157 B
1 nwwais.com
nwwais.com — Cisco Umbrella Rank: 191217
25 KB
1 fasty11.site
fasty11.site
467 B
1 shagorbd.com
shagorbd.com
2 KB
53 21
Domain Requested by
8 www.googletagmanager.com shagorbd.com
www.googletagmanager.com
www.google-analytics.com
www1.btc747.xyz
1337x1.wb4.xyz
6 www.google-analytics.com counter.jdi5.com
www.google-analytics.com
shagorbd.com
www.googletagmanager.com
5 greenfox.ink www1.btc747.xyz
greenfox.ink
4 imcdn.co srcdoc
4 imcod.net 4 redirects
4 1337x1.wb4.xyz www1.btc747.xyz
1337x1.wb4.xyz
3 region1.google-analytics.com www.googletagmanager.com
3 www1.btc747.xyz shagorbd.com
2 www.google.nl shagorbd.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 counter.jdi5.com shagorbd.com
counter.jdi5.com
1 jswww.net 1337x1.wb4.xyz
1 px.greenfox.ink
1 amd-cdn-1.fabrate-gooklor-i-268.site
1 revive.stats.rip 1 redirects
1 ptxhzp.com nwwais.com
1 pagead2.googlesyndication.com nwwais.com
1 wivyiz.com nwwais.com
1 tdmrfw.com nwwais.com
1 nwwais.com www1.btc747.xyz
1 region1.analytics.google.com www.googletagmanager.com
1 www.google.com shagorbd.com
1 imgcdn1.jdi5.com shagorbd.com
1 fasty11.site 1 redirects
1 fastcdn.jdi5.com shagorbd.com
1 shagorbd.com
53 26

This site contains no links.

Subject                  Issuer       Validity                   Valid
shagorbd.com             R3           2024-02-16 - 2024-05-16    3 months
jdi5.com                 GTS CA 1P5   2024-01-14 - 2024-04-13    3 months
*.google-analytics.com   GTS CA 1C3   2024-01-29 - 2024-04-22    3 months
btc747.xyz               E1           2024-01-26 - 2024-04-25    3 months
*.g.doubleclick.net      GTS CA 1C3   2024-01-29 - 2024-04-22    3 months
www.google.com           GTS CA 1C3   2024-01-29 - 2024-04-22    3 months
*.google.nl              GTS CA 1C3   2024-01-29 - 2024-04-22    3 months
nwwais.com               GTS CA 1P5   2024-01-21 - 2024-04-20    3 months
greenfox.ink             R3           2024-01-19 - 2024-04-18    3 months
wb4.xyz                  GTS CA 1P5   2024-02-16 - 2024-05-16    3 months
tdmrfw.com               R3           2024-01-17 - 2024-04-16    3 months
wivyiz.com               R3           2024-01-18 - 2024-04-17    3 months
ptxhzp.com               R3           2024-01-18 - 2024-04-17    3 months
jswww.net                R3           2024-02-06 - 2024-05-06    3 months

This page contains 4 frames:

Primary Page: https://shagorbd.com/
Frame ID: C15BF92E3AD6E2922878A8C50D4E7EAE
Requests: 21 HTTP requests in this frame

Frame: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Frame ID: 230600E46F935B346D42A7CB3A545D67
Requests: 20 HTTP requests in this frame

Frame: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Frame ID: 638834A12155DD15ADE6CBDFB4518DC9
Requests: 8 HTTP requests in this frame

Frame: https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Frame ID: 588AB51434CB87530CDA03F4A13ED3BD
Requests: 4 HTTP requests in this frame

Page Title

shagorbd.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 53
HTTPS: 89 %
IPv6: 77 %
Domains: 21
Subdomains: 26
IPs: 20
Countries: 4
Transfer: 768 kB
Size: 2010 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://fasty11.site/red2.php?rand=oCc04bd0f900da72b3c6a6ff74bfe37a7c&id=27 HTTP 302
  • https://www1.btc747.xyz/submit.php
Request Chain 41
  • https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_SPORT&redirect=https%3A%2F%2Famd-cdn-1.fabrate-gooklor-i-268.site%2Fcontent%2Fstream%2FBatery%2F500x200_batery_sport_sticker.jpg HTTP 302
  • https://amd-cdn-1.fabrate-gooklor-i-268.site/content/stream/Batery/500x200_batery_sport_sticker.jpg
Request Chain 47
  • https://imcod.net/b2/l/i/icon?asid=3291706230RXrzVzIJ&cid=1&did=cl96SEk&eid=10592&n=0fd005e507edacd617aae213&nid=1&sid=[...]&ssid=3291706230RXrzVzIJ&ts=1708286570&ttl=7200&v=v5.10.1 HTTP 302
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Request Chain 48
  • https://imcod.net/b2/l/i/icon?asid=3291706230TWcefCFe&cid=1&did=bW9DR2Y&eid=10592&n=7ac7f9bfb21da28d00b855a7&nid=1&sid=[...]&ssid=3291706230TWcefCFe&ts=1708286570&ttl=7200&v=v5.10.1 HTTP 302
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Request Chain 49
  • https://imcod.net/b2/l/i/icon?asid=3291706230rpTqRVFw&cid=1&did=eVtWR3Q&eid=10592&n=d715cffeb7cf890738f1acce&nid=1&sid=[...]&ssid=3291706230rpTqRVFw&ts=1708286570&ttl=7200&v=v5.10.1 HTTP 302
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Request Chain 50
  • https://imcod.net/b2/l/i/icon?asid=3291706230LKMTWGeX&cid=1&did=XF5HZFs&eid=10592&n=82bfdefff58289c805f2834b&nid=1&sid=[...]&ssid=3291706230LKMTWGeX&ts=1708286570&ttl=7200&v=v5.10.1 HTTP 302
  • https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shagorbd.com/
4 KB
2 KB
Document
General
Full URL
https://shagorbd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.87.41.89 Groningen, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS
static.45-87-41-89.spectraip.net
Software
nginx /
Resource Hash
b60895edac48c0e57797626f934999e3fad879df8b848e0e9c9e0e573c1a8dd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
public
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 18 Feb 2024 20:02:46 GMT
Etag
53d78bfa3ef9b68188dfbc3a029f3be0
Expires
Sun, 18 Feb 2024 20:11:23 GMT
Last-Modified
Sun, 18 Feb 2024 20:01:23 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
style.css
fastcdn.jdi5.com/css/shagorbd.wapkiz.mobi/
6 KB
2 KB
Stylesheet
General
Full URL
https://fastcdn.jdi5.com/css/shagorbd.wapkiz.mobi/style.css
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e48fdd83e77643574ad93366df36d8044d721b8b5ecc0f4fc5eb90f3ba48151d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 18 Feb 2024 20:02:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttHoYAMXNc0ARLhcZTaggoam8Rw%2BDf7x4Pc8p4qLSfaC1l3%2F1plFZiJo2YIfBOaIDyVxQcMVhMwFD69pCeYH7inNHSqJpkZB0%2BGlcM5S50UCyDDrZWBInHs7KknPklfh9VUoro0EMQiTztoaFpoH"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8578dea0e99f664f-AMS
alt-svc
h3=":443"; ma=86400
online.js
counter.jdi5.com/
3 KB
2 KB
Script
General
Full URL
https://counter.jdi5.com/online.js
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024567767cf06d1279bc0c4fa98581bf8ece442aef4700cd19e8eb3b4a9d522a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7514
cf-polished
origSize=4470
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 07 Oct 2022 16:12:30 GMT
server
cloudflare
etag
W/"63404fee-1176"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUhjLdXVUA7KIuSRCJ8MvdHoNoJXgUQ55LDX9z0%2FWpizHoBcQ6prNkxh1j8YNC6%2FaH46OTeRyHd%2FCkyEOCyQ9z4E4ETopLWW3oEvLjYZLJ5ySpKAGfTUk%2FEDQXCbQzUbWyklduLUAPwXkluhv9ba"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8578dea0f80f669d-AMS
expires
Mon, 19 Feb 2024 05:57:32 GMT
js
www.googletagmanager.com/gtag/
283 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b7511436cbc2a083a8a265c33d2eff7195011dad9ac1a2d2a05781e57feaaa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96011
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 20:02:46 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Feb 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
877
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 18 Feb 2024 21:48:09 GMT
fc.php
counter.jdi5.com/
49 B
503 B
Script
General
Full URL
https://counter.jdi5.com/fc.php?id=b1f18cf35e799c49d554de31fdf4febe&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&ref=&pn=https%3A%2F%2Fshagorbd.com%2F&wh=1600x1200&rand=69
Requested by
Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
964b256de36925c99745a87998ea54f5f487da42812e3e56ca21b19d64a31e3f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUcOtyrnMbo8SxObTF8hXX6ZyLQsAYckKysCCmchXN7azyV4CgvUV%2Bddr0fFu%2FTQwXYL1Ka81gqzaEp7dqQujOeUAgzVcuT9E8uVMn3%2BJd6rtPyjmLqun0YVvQ58846%2FCnprvdqu%2BJz0MqtiFML%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cf-ray
8578dea1b950669d-AMS
alt-svc
h3=":443"; ma=86400
submit.php
www1.btc747.xyz/ Frame 2306
Redirect Chain
  • https://fasty11.site/red2.php?rand=oCc04bd0f900da72b3c6a6ff74bfe37a7c&id=27
  • https://www1.btc747.xyz/submit.php
356 B
631 B
Document
General
Full URL
https://www1.btc747.xyz/submit.php
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
93aca88a20d54d45cdaedf7d7f54adb3947614e4cebb5d31c1c2f14c5c68831e

Request headers

Referer
https://shagorbd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578dea2fc1f1e9d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9KT3llO9fdx7hwltnrhC2A0wVip%2FxwC6HQ6PC6wQBsbKsQkC2d8OnjD5ly4acB%2FR%2BhtsiWVnk2R00sviV4wLFMaIG1PM7gVetrdNxlh2a64Fanw2jrSa5S9nZWhHrNLr%2FJBsrUAqh0CwV4LF7E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578dea259c606b6-LHR
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:46 GMT
location
https://www1.btc747.xyz/submit.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AN%2BkjGAIHduCgNvELhq1IUWOsA5qaXvPY58fkyAh4IBLzLSAe7SX4WWCjFuMs7FXKVGW6JGuufOFXLA5LdcmFmHbskRsOHsQUVtObZNpSVd2XPqYnRckOn6FBy7K3oRqRO8%2FMlP2X7unx3A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/
179 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-60&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75b84da300926141978b2df0e00f5a7e897e29182ddad569ad1a736adee26907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66781
x-xss-protection
0
last-modified
Sun, 18 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Feb 2024 20:02:46 GMT
collect
region1.google-analytics.com/g/
0
252 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je42e0v867598820za200&_p=1708286566662&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=217601000.1708286567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708286566&sct=1&seg=0&dl=https%3A%2F%2Fshagorbd.com%2F&dt=shagorbd.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=300
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je42e0v867598820za200&_p=1708286566662&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=217601000.1708286567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1708286566&sct=1&seg=0&dl=https%3A%2F%2Fshagorbd.com%2F&dt=shagorbd.com&en=shagorbd.com&_ee=1&ep.event_category=shagorbd.com&ep.event_label=shagorbd.com&_et=2&tfd=306
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EF0808.png
imgcdn1.jdi5.com/img/
133 B
514 B
Image
General
Full URL
https://imgcdn1.jdi5.com/img/EF0808.png
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a54e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
94f541dbfdef1a8128c164c852a4d6e5e28c1802806c015d2039f1380cae9ce1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9481566
x-powered-by
PHP/5.6.40
alt-svc
h3=":443"; ma=86400
content-length
133
last-modified
Wed, 01 Nov 2023 02:16:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwzVUu8ywXIKIid9aSxZTwtLsiZaxmhPHNZVVu32pZd2ehr14lvskyGrdbg%2BpADcg6fpjn1Glsl2J5Ce%2BjqzpUWGY501XypS%2BZosz3bkluQ5tyHo3u2JiZNmY9cCIWYpczH8IB0pMdm7mc9Z7g%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8578dea24c2c664f-AMS
expires
Thu, 31 Oct 2024 02:16:40 GMT
collect
www.google-analytics.com/j/
16 B
158 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=515917863&t=pageview&_s=1&dl=https%3A%2F%2Fshagorbd.com%2F&ul=en-us&de=UTF-8&dt=shagorbd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1833172609&gjid=1413499983&cid=217601000.1708286567&tid=UA-46789381-10&_gid=872132122.1708286567&_r=1&_slc=1&z=1581619814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
549f8289905f59c82a3d55643d6f2868f3589a4ff2b067ad9f8c830daff502cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shagorbd.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=515917863&t=pageview&_s=1&dl=https%3A%2F%2Fshagorbd.com%2F&ul=en-us&de=UTF-8&dt=shagorbd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=134711935&gjid=678598781&cid=217601000.1708286567&tid=UA-46789381-60&_gid=872132122.1708286567&_r=1&gtm=457e42e0z8867598820za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=137566066
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shagorbd.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=515917863&t=event&_s=2&dl=https%3A%2F%2Fshagorbd.com%2F&ul=en-us&de=UTF-8&dt=shagorbd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=shagorbd.com&ea=shagorbd.com&el=shagorbd.com&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=217601000.1708286567&tid=UA-46789381-60&_gid=872132122.1708286567&gtm=457e42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&cg1=shagorbd.com&z=1246949819
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 09:05:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39446
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46789381-10&cid=217601000.1708286567&jid=1833172609&gjid=1413499983&_gid=872132122.1708286567&_u=IADAAEAAAAAAACAAI~&z=697549345
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shagorbd.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
285 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6452b139fbbc67f3f19248ae05c1d130f1432ad3a11f395203413e26d410f30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97499
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 20:02:46 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46789381-10&cid=217601000.1708286567&jid=1833172609&_u=IADAAEAAAAAAACAAI~&z=504243399
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
107 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46789381-10&cid=217601000.1708286567&jid=1833172609&_u=IADAAEAAAAAAACAAI~&z=504243399
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-HYY21FHH92&gtm=45je42e0v9128476500za200&_p=1708286566662&_gaz=1&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=217601000.1708286567&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fshagorbd.com%2F&dt=shagorbd.com&sid=1708286566&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=530
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HYY21FHH92&cid=217601000.1708286567&gtm=45je42e0v9128476500za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HYY21FHH92&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HYY21FHH92&cid=217601000.1708286567&gtm=45je42e0v9128476500za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0&z=730259238
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www1.btc747.xyz/ Frame 2306
388 B
564 B
Document
General
Full URL
https://www1.btc747.xyz/
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2ec3f75a7c54901965eefe4fa2e999f69b497bfe18d9d3dc5d60516e3cfac83d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578deaebd2a1e9d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ6Bu0i3UpZf7KGq54BDEQh%2F5eHlWCeZSVGs7GY0T%2FLaaah00drBuayosStAHpZGzT2FZIGdg%2F4GZwg2ZF%2FbZYwQTthnSDlqU%2Bia4gX5xMhF8O0JQKfOvHMnsATlrT6Yegb%2B%2F%2Fkqev342XNcs5w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
cruise-passengers-allege-they-werent.html
www1.btc747.xyz/2024/02/ Frame 2306
4 KB
2 KB
Document
General
Full URL
https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Requested by
Host: shagorbd.com
URL: https://shagorbd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
bec80f10a0d02ad02fa63c9d7731b712e730f6543a190cb0eabf1cf609ef4ce7

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www1.btc747.xyz
Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578deaf0c357746-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FaR89ahdJuChVo8zP%2F1GYnLA7vw%2BjKQ0LRG%2BqYip2ckaYJ9Y35oOv4K1oGS1SBemxkhGbktcCsqz17%2FNA4n9IOLLLIuIzLXeHl39f95Qz5TuvTkPXH8BJebAQ9owEE2RE%2BPpVwx8Ndcf2LUeV0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 2306
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf5b66d7767321ee08e55da122d7bb06ffffeb077e26e6ed5efe5de8ff91a669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73107
x-xss-protection
0
last-modified
Sun, 18 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Feb 2024 20:02:48 GMT
waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
nwwais.com/pw/ Frame 2306
66 KB
25 KB
Script
General
Full URL
https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c452aa8726f0841cbc4c73fa7f52a5171316bf10824997dea70e67ad7b990f12

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Feb 2024 18:56:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
d52f59a7db87abd19a873a74591150b6
age
3983
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5DT5hmQtqVaVlLu2yILdMUfZAwvyX1SQWu32xPBzuc5H%2BgNnJHN14RtvM8Vp1IXm58TlFkfvTT%2FbDHHb6YacqhVGTOWTdkdDDS1qfJ403gcaLIRcFyIEKrYsM0g6QAR7Zkb%2Bb6nS5aJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www1.btc747.xyz
cache-control
max-age=14400
cf-ray
8578deafa94c0e87-AMS
alt-svc
h3=":443"; ma=86400
asyncjs.php
greenfox.ink/d/ Frame 2306
4 KB
5 KB
Script
General
Full URL
https://greenfox.ink/d/asyncjs.php
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
aad5623efaae82ad301a146d1437b18fff9885db2a872538bc5f885a7632fb89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Sun, 18 Feb 2024 20:02:48 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
ETag
1d63e790351363d29b61f9cf59b98fad
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=3600
Connection
keep-alive
Expire
Sun, 18 Feb 2024 21:02:48 GMT
submit.php
1337x1.wb4.xyz/ Frame 6388
1 KB
948 B
Document
General
Full URL
https://1337x1.wb4.xyz/submit.php
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
99262cf14b9cc66dc28995a10253b7025649240b73a10bbc57f8d0cfd471bf56

Request headers

Referer
https://www1.btc747.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578deafbf4f6704-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Mayl6YZeVnAFZuRQYNqtZpCl1nA1yV%2FysZZe8sop%2FbBnFzwtLCTHvhRW5I12SWaJQdxzwxsGdDpjnkDKsNrZaWpdslqy58Z0a6e%2BwhWJa7ohd%2FBfnecpPXtmNDPRoGtJIqk9Gk8DK%2Ba0Rfa9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 2306
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4SD8J57M3L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab39ba5bfed23061381cd5c12100eac34dd596f3c0b2f4bd80842ab6c38fd1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83154
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 20:02:48 GMT
analytics.js
www.google-analytics.com/ Frame 2306
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Feb 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
879
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 18 Feb 2024 21:48:09 GMT
6f2c1d30-91ba-40b0-9fd7-c261b008129a
https://www1.btc747.xyz/ Frame 2306
91 B
0
Other
General
Full URL
blob:https://www1.btc747.xyz/6f2c1d30-91ba-40b0-9fd7-c261b008129a
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
wnload
tdmrfw.com/ Frame 2306
0
157 B
Fetch
General
Full URL
https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsImQiOiJ3d3cxLmJ0Yzc0Ny54eXoiLCJsaSI6Mn0=&tz=1&if=1&u=aHR0cHM6Ly93d3cxLmJ0Yzc0Ny54eXovMjAyNC8wMi9jcnVpc2UtcGFzc2VuZ2Vycy1hbGxlZ2UtdGhleS13ZXJlbnQuaHRtbA==&inc=0
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 18 Feb 2024 20:02:48 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
content-type
application/javascript; charset=utf-8
/
1337x1.wb4.xyz/ Frame 6388
1 KB
853 B
Document
General
Full URL
https://1337x1.wb4.xyz/
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
16a273954e382a0d8968fdc919213200ca0dcf3fc3d7b37c0d759269557dd72f

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/submit.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578deb0485e6704-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqd0kIXwUMm2ovKj2cy8EMQpa6rBAOG917tIX5MVyOg58nk84Dti%2Fg9jkuGDUW9h4UVC2Wb4cE%2Fq%2B2xSb9Rvo3Fu%2FXYhl7cPHkOlTFcUEznYdn5gULZ5vUCXZusReMMhfof7Go2rfhLnRxfotA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
admc
wivyiz.com/ Frame 2306
0
0
Fetch
General
Full URL
https://wivyiz.com/admc?a=2&pid=1051205&sid=1224016&wid=465053&fp=d319685890ed5ac4ed1f511f52332122&f=8&tz=1
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://www1.btc747.xyz
date
Sun, 18 Feb 2024 20:02:49 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2306
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51227
x-xss-protection
0
server
cafe
etag
4319174793136295479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 18 Feb 2024 20:02:49 GMT
chargha-recipe.html
1337x1.wb4.xyz/2019/05/ Frame 6388
3 KB
2 KB
Document
General
Full URL
https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Requested by
Host: www1.btc747.xyz
URL: https://www1.btc747.xyz/2024/02/cruise-passengers-allege-they-werent.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
62df74d6e8f3357e95f3cfd5efc124f5171b2bf671e6579fc9eb30e0c4577619

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://1337x1.wb4.xyz
Referer
https://1337x1.wb4.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8578deb0cd980eaf-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 18 Feb 2024 20:02:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5yR%2BsdXQjLm%2Biie9wALxtPsOfsnV9HZ27pcIuUvoYAjloHOjEGmjMye8wYpHyPaLlki3a%2FZqJqp04Lzojcd8fOQKY8q3OOvm52C724YkmQbMsLKM%2FG%2FOdg%2FonlcBlkJp4Op4TCFKmhCLZbdxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
js
www.googletagmanager.com/gtag/ Frame 6388
191 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43028fef5d3ad692f7d297bd3b81ba7ea7cfe9dfcfb83d2b6ae5d4e55380542b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70774
x-xss-protection
0
last-modified
Sun, 18 Feb 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 18 Feb 2024 20:02:49 GMT
script.js
1337x1.wb4.xyz/ Frame 6388
90 KB
27 KB
Script
General
Full URL
https://1337x1.wb4.xyz/script.js?t=202411820
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
bb81c521c328cf4dce09e15b0f34795e68d447f46a0c4007084689d10b6f20e1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/2019/05/chargha-recipe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 18 Feb 2024 19:51:13 GMT
server
cloudflare
age
696
x-powered-by
PHP/7.4.33
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBy1Hq9%2Fr0OfGPCXQsS1SqFhmF0QrOax2YlJDJAcU9TZ%2FljwoayIZmxIPfzQbDUdQSRUl2uGaWVMLkTtI5NBpB7O1XrS1ZFouwayXB4euQq5PNtBgMlmzIvhIcM4pYTS9ShjwMLVlWjUegxOuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8578deb11e4e0eaf-AMS
alt-svc
h3=":443"; ma=86400
abs
ptxhzp.com/ Frame 2306
0
0
Fetch
General
Full URL
https://ptxhzp.com/abs?f=8&wid=465053&di=nwwais.com&dl=tdmrfw.com&d=www1.btc747.xyz&lok=1&abf=0
Requested by
Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTIyNDAxNiwid2lkIjo0NjUwNTMsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 18 Feb 2024 20:02:49 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
accept-ch
Sec-CH-UA-Platform-Version
content-length
0
js
www.googletagmanager.com/gtag/ Frame 6388
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-32THDDHNK8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
961c5361b3ca4d12b617905e92f0ce4e51ac6c37526b3c3d7285a5dda5fb7d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83123
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 18 Feb 2024 20:02:49 GMT
analytics.js
www.google-analytics.com/ Frame 6388
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Feb 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
880
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 18 Feb 2024 21:48:09 GMT
asyncspc.php
greenfox.ink/d/ Frame 2306
6 KB
3 KB
XHR
General
Full URL
https://greenfox.ink/d/asyncspc.php?zones=6%7C7%7C10&prefix=revive-0-&cphost=43519b58b68d940f8734726dfed6c5c9%7C1%7Caino.sbs&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F02%2Fcruise-passengers-allege-they-werent.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F
Requested by
Host: greenfox.ink
URL: https://greenfox.ink/d/asyncjs.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
7f0d5ebc34355280a2aa2a13f3be21c168eca62e240a4e7d5ac7261e4b0073c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Feb 2024 20:02:49 GMT
Content-Encoding
gzip
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://www1.btc747.xyz
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
a
www.googletagmanager.com/ Frame 2306
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=1395799032&rv=42e0&h=Ag&gtm=457e42e0za200&ccid=_UA-46789381-59&cid=UA-46789381-59&l=L55.S2.Y2.B10.E574.I56.EC7.TC5.HTC0~gtm.init.S0.V0.E9.TS5ogt1pdatav2.TI6.TE2.TS5ccdgalast.TI8.TE0.TS5ccdgafirst.TI9.TE0~gtm.js.S0.V0.E6.TS5rep.TI1.TE0.TS5zone.TI3.TE1~*.S0.V0.E1~*.S0.V0.E0~gtm.dom.S0.V0.E0~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
500x200_batery_sport_sticker.jpg
amd-cdn-1.fabrate-gooklor-i-268.site/content/stream/Batery/ Frame 2306
Redirect Chain
  • https://revive.stats.rip/?type=2&service=test&advertiser=BATERY_PageBanners&custom=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&atype=2&banner=BATERY_SPORT&redirect=https%3A%2F%2Famd-cdn-1.fabrate-g...
  • https://amd-cdn-1.fabrate-gooklor-i-268.site/content/stream/Batery/500x200_batery_sport_sticker.jpg
35 KB
36 KB
Image
General
Full URL
https://amd-cdn-1.fabrate-gooklor-i-268.site/content/stream/Batery/500x200_batery_sport_sticker.jpg
Protocol
H2
Server
50.7.24.35 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
39688e8c4a367b0c6a5f68aefe81ea2f9161613afe3a51e6572623c2ae7da9b7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
last-modified
Tue, 24 Oct 2023 09:30:17 GMT
server
nginx
etag
"65378ea9-8d80"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding
content-length
36224

Redirect headers

date
Sun, 18 Feb 2024 20:02:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAsBEAwKBR6CKp3V3pJZVYs%2FXfueblmyUC3Z3zoBY%2Bgm46OrdANDp72IrkrDiUPSm9HCvXve1okxvoh2hN8CtJ1r4x8mF1hBorwdDmTQAMGLKj3sGUDUiyr8LjpYnt46PtqcqRZ%2FEHspZL0F2mtI"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://amd-cdn-1.fabrate-gooklor-i-268.site/content/stream/Batery/500x200_batery_sport_sticker.jpg
cf-ray
8578deb3fbe37775-LHR
alt-svc
h3=":443"; ma=86400
pixel.gif
px.greenfox.ink/ Frame 2306
42 B
597 B
Image
General
Full URL
https://px.greenfox.ink/pixel.gif?ad_type=1&banner=1&advertiser=1&cp_host=43519b58b68d940f8734726dfed6c5c9|1|aino.sbs&event_type=1&rand=7d7f63b1f4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:be41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:49 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRIzvwPftdQRm23JP8MtSON4w1cg6a49fk9RSDjehuq8G4pB5o3zuqes9EJDJ62vVYVhrKRdppkbOW5817ZIQEr%2BaKj%2FbVbSQBRcNjPpRsU3XY5ErA%2BvKebc8dfRs4S1qFgkGDxA53XxTuggNEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
8578deb3eb800bd0-AMS
alt-svc
h3=":443"; ma=86400
content-length
42
lg.php
greenfox.ink/d/ Frame 2306
43 B
523 B
Image
General
Full URL
https://greenfox.ink/d/lg.php?bannerid=1&campaignid=1&zoneid=6&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F02%2Fcruise-passengers-allege-they-werent.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=7d7f63b1f4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Feb 2024 20:02:49 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lg.php
greenfox.ink/d/ Frame 2306
43 B
523 B
Image
General
Full URL
https://greenfox.ink/d/lg.php?bannerid=0&campaignid=0&zoneid=7&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F02%2Fcruise-passengers-allege-they-werent.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=6eda4f96c0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Feb 2024 20:02:49 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lg.php
greenfox.ink/d/ Frame 2306
43 B
523 B
Image
General
Full URL
https://greenfox.ink/d/lg.php?bannerid=45&campaignid=14&zoneid=10&loc=https%3A%2F%2Fwww1.btc747.xyz%2F2024%2F02%2Fcruise-passengers-allege-they-werent.html&referer=https%3A%2F%2Fwww1.btc747.xyz%2F&cb=a7455dc6ca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
5.45.74.150 Dronten, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
zmta28.corpresponse.com
Software
nginx/1.22.1 / PHP/8.0.30
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www1.btc747.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 18 Feb 2024 20:02:49 GMT
Server
nginx/1.22.1
X-Powered-By
PHP/8.0.30
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
w.js
jswww.net/ Frame 6388
20 KB
20 KB
Script
General
Full URL
https://jswww.net/w.js?isr=1&wtoken=98963dc7-1c2d-49d5-bc4b-859b47dfca0e&u=678455&t=2063&sid=1337x1.wb4.xyz&r=0.9839234820576144
Requested by
Host: 1337x1.wb4.xyz
URL: https://1337x1.wb4.xyz/script.js?t=202411820
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.206.168.17 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS
109.206.168.17.serverel.net
Software
binder-v5.10.1 /
Resource Hash
0d4e75c88fc8be1b17e1e640c3753be562e023c398b2b8209f13e9558ab5afef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1337x1.wb4.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:50 GMT
x-response-code
20200
server
binder-v5.10.1
access-control-allow-methods
GET, POST
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
20314
317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
imcdn.co/ Frame 588A
Redirect Chain
  • https://imcod.net/b2/l/i/icon?asid=3291706230RXrzVzIJ&cid=1&did=cl96SEk&eid=10592&n=0fd005e507edacd617aae213&nid=1&sid=IFrfaKzTZK%2FQ6%2F0gjrhK36WMjmFj3NzoZnqpvarjJgXP88vvdt70rmITvso4r0zyuHNC2bijfN...
  • https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
4 KB
5 KB
Image
General
Full URL
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375c4282102066862504f7dfc6bebdcae26b2f71f79854b9a35afb201f84cdb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:51 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Jan 2024 04:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1871443
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyXZShoFpkPZO6g7E9xUtOIvEc3n7GvqetRvkrXNfszdyAk6%2FR27n3ndsBxkOt6nLAxVu4nCkoxtZbENLPPCcrA7ddHjxYYEJZOHDXITPMubumdTz9dvIJaDjF4i5crHULergbVJaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8578debffd280e18-AMS
alt-svc
h3=":443"; ma=86400
content-length
4102
expires
Tue, 27 Feb 2024 04:12:08 GMT

Redirect headers

location
https://imcdn.co/317urqDu1FufnzaNFh4vUEsN6jaiUstzubSxWhhc.png
date
Sun, 18 Feb 2024 20:02:50 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.11.0
content-length
0
C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
imcdn.co/ Frame 588A
Redirect Chain
  • https://imcod.net/b2/l/i/icon?asid=3291706230TWcefCFe&cid=1&did=bW9DR2Y&eid=10592&n=7ac7f9bfb21da28d00b855a7&nid=1&sid=YY54Pq7jfXxoMSlWi0sEB%2F3aSPhjhv6%2FoxN8WyHaEYQs7DJerRac3oPM4nRfryTpqYOZd0qkLt...
  • https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4be01a163246691ecf0cdebed0e5620e8679e25ce2d3b457f5c1eafae413eeb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:51 GMT
cf-cache-status
HIT
last-modified
Sun, 28 Jan 2024 05:10:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1867955
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNxqnOpNedL3cYxCxBz46JBP0aQJKYkSjx6y2SRBiUt0t3qvcfD7Q5mWAh5%2FiIfoWFph7VVCkn8eHabRBUq%2B7FxdcK%2FrVN5NeayJXaxvFJqr9H%2B8PLo77%2BU9dkBSrAGwhcd57VAnfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8578debffd2b0e18-AMS
alt-svc
h3=":443"; ma=86400
content-length
4028
expires
Tue, 27 Feb 2024 05:10:16 GMT

Redirect headers

location
https://imcdn.co/C7yCeVzEPrIohRfaGQ9iouOV80bjBFe4BwmbZkVM.png
date
Sun, 18 Feb 2024 20:02:50 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.11.0
content-length
0
ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
imcdn.co/ Frame 588A
Redirect Chain
  • https://imcod.net/b2/l/i/icon?asid=3291706230rpTqRVFw&cid=1&did=eVtWR3Q&eid=10592&n=d715cffeb7cf890738f1acce&nid=1&sid=oAH%2FLuxMa290i1Jonpu%2BYm3emSVZDiiGWKYUdmfUMCMMY737ZQfC9MgnYbmfMCllDDK1NvLaQe...
  • https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
4 KB
4 KB
Image
General
Full URL
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92587924074928fb8370914c5721fe0719e52727f8f49b7fcc978eb8a52da78e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:51 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 02:29:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1791180
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRvV3osL5zvdiPt1R1yOzV6fR6ML9W%2FCIJg217AG4FcPI%2FWgQQXuxYDn2nhYuDodEHNU7RDUzPqSIkgyeMBGIScfrEsyc07fXSPqyCFZtdjLqXochM1UHyFSWps%2BCddDO7dlFZQetw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8578debffd240e18-AMS
alt-svc
h3=":443"; ma=86400
content-length
3970
expires
Wed, 28 Feb 2024 02:29:51 GMT

Redirect headers

location
https://imcdn.co/ptbWgmjzFLnMOFJ6D7aDV0X6NmUQ9MLDVEbEeNUp.png
date
Sun, 18 Feb 2024 20:02:51 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.11.0
content-length
0
bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
imcdn.co/ Frame 588A
Redirect Chain
  • https://imcod.net/b2/l/i/icon?asid=3291706230LKMTWGeX&cid=1&did=XF5HZFs&eid=10592&n=82bfdefff58289c805f2834b&nid=1&sid=vwpb71q%2FtHzSJBEdiPY8LhvAj7hAo2tmYnBo363kBWYT1xbcGTy8c7i8I7%2FDBRPWnE2poFpPtb...
  • https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
2 KB
2 KB
Image
General
Full URL
https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2606:4700:3038::6815:ea48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21dafeca44b6b541a338fa4e4aa993e54df8ae8523623885f00adfc7bb20c121

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:02:51 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2024 07:22:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1773607
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shgoa5%2FLDx1SYWA08ChYGJPZuAJqD6Qqq64iuSPuwzMQBJrQGe4vvYdf5gNgtEJzCkUHtAfJTkOR2uAQFt%2Fl6wogIrTKSbp0ga%2B50BPUOsZmsR6gaUr7sL2D9ULpI7RYDRBzt6LfdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
8578debffd290e18-AMS
alt-svc
h3=":443"; ma=86400
content-length
1632
expires
Wed, 28 Feb 2024 07:22:44 GMT

Redirect headers

location
https://imcdn.co/bejQSVIT3PaBGuuhBCnOW6We8kgjEBVQNDYhU2pu.png
date
Sun, 18 Feb 2024 20:02:51 GMT
referrer-policy
no-referrer, no-referrer
server
dspclick-v3.11.0
content-length
0
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P0LJR3FHEL&gtm=45je42e0v867598820za200&_p=1708286566662&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=217601000.1708286567&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1708286566&sct=1&seg=0&dl=https%3A%2F%2Fshagorbd.com%2F&dt=shagorbd.com&en=scroll&epn.percent_scrolled=90&_et=2&tfd=5306
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P0LJR3FHEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://shagorbd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Feb 2024 20:02:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shagorbd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| sc_olimg_var
object| pn
string| w_h
function| online
function| sc_onlineimagei
function| ct_inserti
function| drawText_onlinei
function| errorMsgi
string| title
string| GoogleAnalyticsObject
function| ga
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| gaplugins
object| gaData

10 Cookies

Domain/Path Name / Value
.shagorbd.com/ Name: shagorbd_com
Value: 97502q7sotbdons2e8b8fjjeo4
.shagorbd.com/ Name: _ga_P0LJR3FHEL
Value: GS1.1.1708286566.1.0.1708286566.0.0.0
.shagorbd.com/ Name: _ga
Value: GA1.2.217601000.1708286567
.shagorbd.com/ Name: _gid
Value: GA1.2.872132122.1708286567
.shagorbd.com/ Name: _gat
Value: 1
.shagorbd.com/ Name: _gat_gtag_UA_46789381_60
Value: 1
.shagorbd.com/ Name: _ga_HYY21FHH92
Value: GS1.2.1708286566.1.0.1708286566.60.0.0
greenfox.ink/ Name: OAGEO
Value: 2%7CNL%7CEU%7C1%7CRotterdam%7C3044%7C51.93%7C4.4264%7C20%7CEurope%2FAmsterdam%7C%7CZH%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
greenfox.ink/ Name: OAID
Value: 7f467dd7ab908b1fd4cd1b9a5d1ec2f2
.px.greenfox.ink/ Name: unq-user-id
Value: aaaaaaaaaa

13 Console Messages

Source Level URL
Text
other warning URL: https://shagorbd.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
