federicodigirolamoyc3ip.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2ccf Public Scan

Go To Rescan
Add Verdict Report

URL:
https://federicodigirolamoyc3ip.pages.dev/
Submission: On August 15 via api (August 15th 2024, 3:22:37 am UTC) from US — Scanned from GB

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 47 HTTP transactions. The main IP is 2606:4700:310c::ac42:2ccf, located in United States and belongs to CLOUDFLARENET, US. The main domain is federicodigirolamoyc3ip.pages.dev.
TLS certificate: Issued by WE1 on July 29th 2024. Valid for: 3 months.

This is the only time federicodigirolamoyc3ip.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:310... 2606:4700:310c::ac42:2ccf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.240.253.132 172.240.253.132	7979 (SERVERS-COM) (SERVERS-COM)
2	18.195.79.25 18.195.79.25	16509 (AMAZON-02) (AMAZON-02)
3 7	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	45.133.44.10 45.133.44.10	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac42:8472	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.39.128.117 54.39.128.117	16276 (OVH) (OVH)
8	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:20:... 2606:4700:20::681a:613	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
47	20

1 2606:4700:310c::ac42:2ccf (United States)

ASN13335 (CLOUDFLARENET, US)

federicodigirolamoyc3ip.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

myads.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shayscholz.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)

affordedseasick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.79.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-79-25.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.243.61.227 (Ashburn, United States) 3 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

corneredsedatetedious.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

suggestqueries.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tse1.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.10 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.cloudimagesb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac42:8472 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

softenedcollar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:613 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yourwebbars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.creative-bars1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	softenedcollar.com softenedcollar.com	12 KB
7	myads.my.id myads.my.id	6 KB
6	corneredsedatetedious.com 3 redirects corneredsedatetedious.com	17 KB
4	creative-bars1.com cdn.creative-bars1.com — Cisco Umbrella Rank: 13609	43 KB
3	cloudimagesb.com cdn.cloudimagesb.com — Cisco Umbrella Rank: 13358	199 KB
3	affordedseasick.com affordedseasick.com — Cisco Umbrella Rank: 712389	41 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	54 KB
2	gstatic.com fonts.gstatic.com	37 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 6836 s4.histats.com — Cisco Umbrella Rank: 6819	5 KB
2	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 8770	624 B
2	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 17124 shayscholz.blogspot.com	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	yourwebbars.com cdn.yourwebbars.com — Cisco Umbrella Rank: 33047	934 B
1	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 10738	488 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	51 KB
1	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 8708	27 KB
1	bing.net tse1.mm.bing.net — Cisco Umbrella Rank: 3687	1 KB
1	google.com suggestqueries.google.com — Cisco Umbrella Rank: 923	758 B
1	pages.dev federicodigirolamoyc3ip.pages.dev	7 KB
47	19

	Domain	Requested by
8	softenedcollar.com	affordedseasick.com
7	myads.my.id	federicodigirolamoyc3ip.pages.dev
6	corneredsedatetedious.com	3 redirects federicodigirolamoyc3ip.pages.dev
4	cdn.creative-bars1.com	affordedseasick.com
3	cdn.cloudimagesb.com	federicodigirolamoyc3ip.pages.dev
3	affordedseasick.com	myads.my.id
3	cdnjs.cloudflare.com	federicodigirolamoyc3ip.pages.dev myads.my.id
2	fonts.gstatic.com	fonts.googleapis.com
2	proftrafficcounter.com	affordedseasick.com
1	fonts.googleapis.com	affordedseasick.com
1	cdn.yourwebbars.com	affordedseasick.com
1	unseenreport.com
1	shayscholz.blogspot.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	federicodigirolamoyc3ip.pages.dev
1	pagead2.googlesyndication.com	federicodigirolamoyc3ip.pages.dev
1	recordedthereby.com	affordedseasick.com
1	tse1.mm.bing.net	federicodigirolamoyc3ip.pages.dev
1	suggestqueries.google.com	federicodigirolamoyc3ip.pages.dev
1	3.bp.blogspot.com	federicodigirolamoyc3ip.pages.dev
1	federicodigirolamoyc3ip.pages.dev
47	21

This site contains links to these domains. Also see Links.

Domain
affordedseasick.com

Subject Issuer	Validity	Valid
federicodigirolamoyc3ip.pages.dev WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
myads.my.id WE1	`2024-08-06` - `2024-11-04`	3 months	crt.sh
misc-sni.blogspot.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
affordedseasick.com R11	`2024-07-25` - `2024-10-23`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.mm.bing.net Microsoft Azure RSA TLS Issuing CA 04	`2024-07-30` - `2025-01-26`	6 months	crt.sh
recordedthereby.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
cdn.cloudimagesb.com R10	`2024-07-20` - `2024-10-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
s10.histats.com WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
histats.com R11	`2024-08-06` - `2024-11-04`	3 months	crt.sh
softenedcollar.com R10	`2024-08-01` - `2024-10-30`	3 months	crt.sh
*.unseenreport.com R11	`2024-07-20` - `2024-10-18`	3 months	crt.sh
yourwebbars.com WE1	`2024-06-22` - `2024-09-20`	3 months	crt.sh
creative-bars1.com WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://federicodigirolamoyc3ip.pages.dev/
Frame ID: ECD692038E7D34F6EFAB031FF6F85F1B
Requests: 41 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/42/9d/39/429d39c381ed333edc13827196e894b4/1708270395.jpg
Frame ID: 4E31262533F4C752634FB17D04D64B09
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/1708270373.jpg
Frame ID: 4F18C4195385C141FF1F5CE29E47DA5A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png
Frame ID: 2AC04D01063195A590D84BCD50709D52
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: F674C8017FE48E69119C1CBF144405CE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) New Message!

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

94 %
HTTPS

68 %
IPv6

19
Domains

21
Subdomains

20
IPs

3
Countries

500 kB
Transfer

934 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://affordedseasick.com/jvc7j1tkig?key=c66d0e08f8c29db24bae4694b4ff0db5
Title: Download

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://corneredsedatetedious.com/watch.198318184526.js?key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1 HTTP 307
https://corneredsedatetedious.com/watch.198318184526.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=77e4060b7e16c04a1effe1077f3ef9a6a9559a429e337a45c7dcab187b75c10ceeadad36ccc5bd855b41061d2f3ed8ec7b8139d77c4b287e7ba020a3afddab25d889342294b27d96279fdcc2b2879dd39ed9cc7b3df778e604776546051c06&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1

Request Chain 16

https://corneredsedatetedious.com/watch.635050010334.js?key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1 HTTP 307
https://corneredsedatetedious.com/watch.635050010334.js?dev=r&key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=d95646e5c75eee8932609f1385e37f886815835a344ef342b2cc3ddb1e3e70882e77d3e82f82727a9457c6409fb78019e012c550326a2f460b9f0caf10a2fb7831ae2a1887b5a298fd0f65423161cad5bf26c3a5d2390cd8d55421dd3f1f7c&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1

Request Chain 19

https://corneredsedatetedious.com/watch.1695313187236.js?key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1 HTTP 307
https://corneredsedatetedious.com/watch.1695313187236.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=599534f741ffa946d7832100c14636add3685b34cd367d87fa6995b544a5455fd5896bae3a38a4caa839980c982a3b184c0978aaeb6b88fafd27eeddafabf5b6e172d8c6b6bfd01bc129ff04fa793a6229236d69f27e6a35d32d1be803062e&tz=1&uuid=adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
federicodigirolamoyc3ip.pages.dev/ 19 KB
7 KB 416ms
305ms Document
text/html 2606:4700:310c::ac42:2ccf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2ccf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

879cbf0b90334918bcfc225a36fc9a16f3b63c254fd73c46d705c6b6dbbc7c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8b360f762d67cdbd-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 15 Aug 2024 03:22:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3EDmqNxgEvohaZqD7gQ%2Fp374BTz6TlskBPeFxbKZgmTkUZ0x%2BogoTitwxivhe%2B%2Fbcvfg0CoscdFL1eWTnpulOgDkbgm5GeBi7iBhJOJrW6hep3AmmgKPkyKGZirvO%2FPmA%2FER54sspQXWf8rpSr9fL9XpOklfqmTK%2BfPl82IdiQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 a3ea5e2c4a89dc22586c3215359c51e8 Show response
myads.my.id/get/site/js/ 19 B
357 B 260ms
107ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/a3ea5e2c4a89dc22586c3215359c51e8
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975381fd677695b4fe94a1352d347098a5acd8af613c89d28459dd8dd661b26e

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVmxXxM%2FkuEddhp1hbc7iAfghC2SpYnD3ydPGS4KJ2oP5Fmxt1u1R5sSx%2FI3tNQotooWMrHY5P59YijnSh9N%2FvJLzs3uVn9ioLmaQ7DZvqdpjDn%2BO%2BJfepkW%2B2N5mTCGjqC6h23Iabhbqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f792933bf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 0ec4be041787e105fcb110b4725d4d42 Show response
myads.my.id/get/site/js/ 375 B
798 B 245ms
92ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864aad55d445c6cab1d098a3d786ed8965c164ee7d79d1d2df11f88cc486b651

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2F2%2B%2BdOyiUi9p43lo5N%2F6a%2BmxtUuyMLo8oob7DrBVjOo02InZx3kVStse%2B5Gy8YvgbjgBocG%2Fa64ZJ%2F20NRmtTjOfmH%2BwCAl5KdKj49Fftu7sWGM1tnGkIFidxoVZAcKWEWLn%2FrwsRyNxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f792931bf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/ 362 B
664 B 219ms
59ms Image
image/gif 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 01:39:49 GMT
x-content-type-options: nosniff
age: 6159
content-disposition: inline;filename="btn_close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362
x-xss-protection: 0
server: fife
etag: "v1764"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 16 Aug 2024 01:39:49 GMT

GET
H2 200 d6f51a1ed1d2f145512197f7cd7be46d Show response
myads.my.id/get/site/js/ 372 B
558 B 244ms
92ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6bb7bab06e686c19c76b38777825f174cc6ddeeddd62b1e902137bfe512bb9a

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6txmxO%2BpDG1kAAPVeYLSzp%2BLpEjGc%2Fnkiojjq1t7CEa55rfMCJHylgyDwVQ%2Bgw%2BHJRhnaXRFvYtBi6TcYruYlgkkapGdaYr86yLeaTw8ZilW1aLKr%2BknzvPiig%2BqzLFj0dsDpdFn6vU4Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f792934bf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 jquery.slim.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 71 KB
22 KB 146ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
Origin: https://federicodigirolamoyc3ip.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 551341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22329
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-11ab4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1zZ2hjJlLhK2xaj%2BDf7xT7A30XxzqOF1%2FZZlT5XwrlE%2BuD0kupd5T5Y4SVKuHMgnEfDzBif7rs6OZZp6GLPFtLhk%2FEcDx%2BHhaw63qoTgCyep1jrNPrB98uL4y4x8wGyYoGi5bnwvfsXChegHNI5pepb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b360f7a3e2179c4-LHR
expires: Tue, 05 Aug 2025 03:22:28 GMT

GET
H3 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/ 8 KB
4 KB 111ms
42ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
Origin: https://federicodigirolamoyc3ip.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1847748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3150
last-modified: Sat, 02 Jan 2021 18:12:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ff0b799-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ji%2BiaEiU5WXw%2F4%2FiT4Q1BdcGwzEW7dUApbglGyk6bWBHHJ2nBehprZfzXHl9eAvVhSzv9MuzWaL%2BLXdjRVS7WDlmxtgSxBfv%2BD8U6u2NFQp1SoPiGmiReGneGeOTXZc0%2B8K6xrUua64m6YTFoglE25LL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b360f7a3e2379c4-LHR
expires: Tue, 05 Aug 2025 03:22:28 GMT

GET
H2 200 ac3cda920831b1641735293117e0bf8c Show response
myads.my.id/get/site/js/ 4 KB
1 KB 81ms
77ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/ac3cda920831b1641735293117e0bf8c
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d7a47a1d6b923137aa4e069744d472504efd3bc2189f40ce64f2c51124d17

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KlqvNH3lotb7Q7r3961W4ohbJmi61TDgxfdilHvxoSiZDwxigHaiXMCYNVjK3aggIaHS2u6YXbt%2Ftqbb%2BztolMG%2FV7pe6W9m0Li6cN%2Fy3%2F0lwglnWmg8Gk4Lv6YVYh%2F%2BVrzXeD44GWZhQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f79d979bf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 f4c445a9929212d3a2108ce0a48d7aec Show response
myads.my.id/get/site/js/ 1 KB
954 B 94ms
93ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/f4c445a9929212d3a2108ce0a48d7aec
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69074867c465ce372e59d204e7172f858001a054de934e26f0e7fd0c012d2918

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Na0lU6zFw%2FJAeRDADj917zmpa48RPKxwL135BjIiA1UStptVvTheKJeSsso%2FCtyYB8r%2BdO6XKtYGY%2FIQKK6vABXnWZuuu7RKSSVaED6LWjrk5bJ6%2BuJ2HjDZFcntOaf6vuXe834P76lu2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f79d97abf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 00e40766c9bb8bf76dcea0f374537f1e Show response
myads.my.id/get/site/js/ 2 KB
1 KB 76ms
75ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/00e40766c9bb8bf76dcea0f374537f1e
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73573898a2702359d256caddc3b06a8e2f1ca74ee0b474caae8b93c13296e5f

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McuH5VqZeuh3mo0Lt7zV4WdKLgzyOwwkQcdEXJwmI5ElxUwQXbeZ40HWHDpO%2BeYPPWZxOz9bIIYemW7ZBr%2BVTC2GhDbFC7Lko43FDyjnv3QThaTwGPnvCs96jl0auhgAs0P4v28GbyiAhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f79d97bbf0d-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK invoke.js Show response
affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/ 31 KB
12 KB 463ms
209ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js

Requested by

Host: myads.my.id
URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

388886fcc8c3db98b130b17563b7f4f81c7582b5dcaf9a534c3ce13a73b0f9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: f55bdf84c729f8e101c0e3bb692e24bd
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
312 B 257ms
101ms XHR
text/html 18.195.79.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.79.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-79-25.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: d7222ca461c65cffd0e537018b98b0ef88eda9e0396882609f89d91252a199e3

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://federicodigirolamoyc3ip.pages.dev
date: Thu, 15 Aug 2024 03:22:29 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H3 200 0ec4be041787e105fcb110b4725d4d42 Show response
myads.my.id/get/site/js/ 375 B
786 B 204ms
204ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864aad55d445c6cab1d098a3d786ed8965c164ee7d79d1d2df11f88cc486b651

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WdZGtz7IHv%2FlUZmjoa7az3DKHeIHCDQVI284PddkO9XZIE6tM6Rt1ONhB3pFVeQSLl%2FSmsmk6eKM6IJ6IIT0lT6c0C960xB%2FoB3KiZSw1YAiicmumxqsxpi3Y1ddCr0eoX%2FqoJUx1M%2Blvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8b360f7cddd7cd0a-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
312 B 136ms
97ms XHR
text/html 18.195.79.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.79.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-79-25.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: adcd019b3482529f7d5d1e10840e400ed3f5a85adde89aba34ab3f7c978b7a36

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://federicodigirolamoyc3ip.pages.dev
date: Thu, 15 Aug 2024 03:22:29 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK invoke.js Show response
affordedseasick.com/a2fa1c021faaa64dc52545dcd0d45f38/ 31 KB
12 KB 112ms
112ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://affordedseasick.com/a2fa1c021faaa64dc52545dcd0d45f38/invoke.js

Requested by

Host: myads.my.id
URL: https://myads.my.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

2ed241cd8ded2fab1fcb18311a5295cf0c43c60905193c3e88d95e9be0872859

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: 4acdb94ad3179087d25fac22b3ed667e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.198318184526.js Show response
corneredsedatetedious.com/
Redirect Chain

https://corneredsedatetedious.com/watch.198318184526.js?key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=d53f9f58-2c...
https://corneredsedatetedious.com/watch.198318184526.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t...

3 KB
3 KB

120ms
119ms

XHR
text/html

192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://corneredsedatetedious.com/watch.198318184526.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=77e4060b7e16c04a1effe1077f3ef9a6a9559a429e337a45c7dcab187b75c10ceeadad36ccc5bd855b41061d2f3ed8ec7b8139d77c4b287e7ba020a3afddab25d889342294b27d96279fdcc2b2879dd39ed9cc7b3df778e604776546051c06&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

090ccf5a3f72966a551781af55093364a34f157f0465ac249278dc1b860297b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:29 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: de220c5e2514e4b37e1bc9753c19ec42
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Thu, 15 Aug 2024 03:22:29 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: 10d1889096babd161095cbe5f78a6b70
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Location: https://corneredsedatetedious.com/watch.198318184526.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=77e4060b7e16c04a1effe1077f3ef9a6a9559a429e337a45c7dcab187b75c10ceeadad36ccc5bd855b41061d2f3ed8ec7b8139d77c4b287e7ba020a3afddab25d889342294b27d96279fdcc2b2879dd39ed9cc7b3df778e604776546051c06&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

watch.635050010334.js Show response
corneredsedatetedious.com/
Redirect Chain

https://corneredsedatetedious.com/watch.635050010334.js?key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=d53f9f58-2c...
https://corneredsedatetedious.com/watch.635050010334.js?dev=r&key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t...

3 KB
3 KB

136ms
135ms

XHR
text/html

192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://corneredsedatetedious.com/watch.635050010334.js?dev=r&key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=d95646e5c75eee8932609f1385e37f886815835a344ef342b2cc3ddb1e3e70882e77d3e82f82727a9457c6409fb78019e012c550326a2f460b9f0caf10a2fb7831ae2a1887b5a298fd0f65423161cad5bf26c3a5d2390cd8d55421dd3f1f7c&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

ba048f19bf3c3d408f4187dbbefc5f9ed1fda203d07fb430edf2062e02438601

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:30 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: 0a36844ab9661badfbe50fd93af6531a
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Thu, 15 Aug 2024 03:22:29 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: 4e3abad128309ba6c4b21df5c3ea272f
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Location: https://corneredsedatetedious.com/watch.635050010334.js?dev=r&key=a2fa1c021faaa64dc52545dcd0d45f38&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=d95646e5c75eee8932609f1385e37f886815835a344ef342b2cc3ddb1e3e70882e77d3e82f82727a9457c6409fb78019e012c550326a2f460b9f0caf10a2fb7831ae2a1887b5a298fd0f65423161cad5bf26c3a5d2390cd8d55421dd3f1f7c&tz=1&uuid=d53f9f58-2c1d-476b-826b-bca004e0e1c1%3A2%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 search Show response
suggestqueries.google.com/complete/ 20 B
758 B 315ms
124ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-84beoVUvZF3M2wOSItkMYQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Aug 2024 03:22:29 GMT
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-84beoVUvZF3M2wOSItkMYQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding: br
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
permissions-policy: unload=()
expires: -1

GET
H2 404 th
tse1.mm.bing.net/ 727 B
1 KB 255ms
102ms Image
image/jpeg 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tse1.mm.bing.net/th?q=
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Aug 2024 03:22:29 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4207D08DA29E438A8E3FC53E1A34CB42 Ref B: LON04EDGE0622 Ref C: 2024-08-15T03:22:29Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control: no-cache
timing-allow-origin: *
access-control-allow-headers: *
content-length: 727
expires: -1

GET
H/1.1

200
OK

watch.1695313187236.js Show response
corneredsedatetedious.com/
Redirect Chain

https://corneredsedatetedious.com/watch.1695313187236.js?key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&tz=1&dev=r&res=14.31&uuid=adf29443-3...
https://corneredsedatetedious.com/watch.1695313187236.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=...

3 KB
3 KB

111ms
111ms

XHR
text/html

192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://corneredsedatetedious.com/watch.1695313187236.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=599534f741ffa946d7832100c14636add3685b34cd367d87fa6995b544a5455fd5896bae3a38a4caa839980c982a3b184c0978aaeb6b88fafd27eeddafabf5b6e172d8c6b6bfd01bc129ff04fa793a6229236d69f27e6a35d32d1be803062e&tz=1&uuid=adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

939f33bd9fd32633218078f8d31ab3560adf6887ee20450bda193420889c5740

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:30 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: a4d995f1385bf7facb5722ed9952ee7c
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date: Thu, 15 Aug 2024 03:22:29 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
X-Request-ID: f6bab8f3d9b1e136b21072d31789d127
Pragma: no-cache
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/html
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Location: https://corneredsedatetedious.com/watch.1695313187236.js?dev=r&key=2d37e6d07504ef306df285fbfc54ea4e&kw=%5B%5D&pst=1723692209&refer=https%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&res=14.31&rmtc=t&shu=599534f741ffa946d7832100c14636add3685b34cd367d87fa6995b544a5455fd5896bae3a38a4caa839980c982a3b184c0978aaeb6b88fafd27eeddafabf5b6e172d8c6b6bfd01bc129ff04fa793a6229236d69f27e6a35d32d1be803062e&tz=1&uuid=adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK c677e860e1188598b4dcedec4384d295.js Show response
affordedseasick.com/c6/77/e8/ 44 KB
17 KB 112ms
112ms Script
application/javascript 172.240.253.132
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js

Requested by

Host: myads.my.id
URL: https://myads.my.id/get/site/js/f4c445a9929212d3a2108ce0a48d7aec

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

76dc8e22c5e2dab50604fcc902e6b5579154b806c5468f82fa68e6a1727906f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: eeb8963c541d9574ed6a6042a54001c9
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 sfp.js Show response
recordedthereby.com/ 83 KB
27 KB 591ms
244ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:30 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: 0ade8ef890073c767fe460b82f441ef7
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bErJH%2FFu27NYPwhpEC8P3t6azDzodgDS7st3jarAtjakZ1%2BD0BEbXpE9m0TnYJsHu5ETDondVbQiLa8BV%2FxGGj6T3N1Ey2qKjI9YdpB48aKgRbsbsGgzL6DhbE0e4fyW3ABZTNaSDAnwjzRMuIwRBNDi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 8b360f840eaa9431-LHR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/ 85 KB
27 KB 39ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: myads.my.id
URL: https://myads.my.id/get/site/js/00e40766c9bb8bf76dcea0f374537f1e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://federicodigirolamoyc3ip.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Aug 2024 03:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 131562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27446
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64ed75bb-6b36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QawDwg%2BMqmqEgJ9%2Fkois95TlmgPHtsE3FU%2FzIKdMd1GVlI2dXOTbL2JY6qb6QBHt4lrfthDsZ1DMsmtsGVnDGY70K4YDL1fMKPhOVUvnayU49COU4jAShR8%2Bx7i7bZ09lwwnUrvx1E0hz0wPxxWL5Y2o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b360f81ea5e79c4-LHR
expires: Tue, 05 Aug 2025 03:22:30 GMT

GET
H2 200 1708270395.jpg
cdn.cloudimagesb.com/cti/42/9d/39/429d39c381ed333edc13827196e894b4/ Frame 4E31 38 KB
38 KB 346ms
40ms Image
image/jpeg 45.133.44.10
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/42/9d/39/429d39c381ed333edc13827196e894b4/1708270395.jpg
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: aba32ac81423e3689fb90338e51fbdf841d9aa5ddcb38f485be2fdd17efd1597

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 15 Aug 2024 03:22:30 GMT
last-modified: Sun, 18 Feb 2024 15:33:24 GMT
server: nginx/1.21.6
etag: "65d22344-9829"
x-cdn-host-id: ds5950
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 38953
expires: Sat, 17 Aug 2024 03:22:30 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 321ms
59ms Fetch
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c5500a9153c7d0eb092236c6ffb853342e5cc07f575c793d2a2d84a8f8ba070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52584
x-xss-protection: 0
server: cafe
etag: 13310118429563475644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 15 Aug 2024 03:22:30 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 302ms
42ms Script
text/javascript 2606:4700:10::ac42:8472
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac42:8472 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 36306
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8b360f841bf1947b-LHR
content-length: 4547

GET
H2 200 1708270373.jpg
cdn.cloudimagesb.com/cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/ Frame 4F18 37 KB
37 KB 306ms
80ms Image
image/jpeg 45.133.44.10
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/1708270373.jpg
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: f53bba61704138e18c9373a89b36aa4cfc03b9db23db3d944f32cc67a11bfcff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 15 Aug 2024 03:22:30 GMT
last-modified: Sun, 18 Feb 2024 15:33:02 GMT
server: nginx/1.21.6
etag: "65d2232e-927f"
x-cdn-host-id: ds5950
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 37503
expires: Sat, 17 Aug 2024 03:22:30 GMT

GET
H2 200 1707813839.png
cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/ Frame 2AC0 124 KB
124 KB 293ms
77ms Image
image/png 45.133.44.10
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/2a/64/ce/2a64ce8eda8dd978aa075a952612a996/1707813839.png
Requested by: Host: federicodigirolamoyc3ip.pages.dev
URL: https://federicodigirolamoyc3ip.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: cb63305035c57bf9d2d2cdca42c28adf15860b1807c7a40c6a1bfd72058848f1

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Thu, 15 Aug 2024 03:22:30 GMT
last-modified: Tue, 13 Feb 2024 08:44:07 GMT
server: nginx/1.21.6
etag: "65cb2bd7-1efa1"
x-cdn-host-id: ds5950
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
content-length: 126881
expires: Sat, 17 Aug 2024 03:22:30 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 50 B
184 B 447ms
182ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4783699&@f16&@g1&@h1&@i1&@j1723692150444&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-GB&@u1600&@b1:189164102&@b3:1723692150&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Ffedericodigirolamoyc3ip.pages.dev%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 17f85e1d5aea1cd0ea651dc82491b7ab0a0f840390d5723fe8cd21a802ae3bb8

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:14 GMT
Connection: close
Content-Length: 50
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK sbar.json Show response
softenedcollar.com/ 12 KB
8 KB 982ms
446ms XHR
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://softenedcollar.com/sbar.json?key=c677e860e1188598b4dcedec4384d295&uuid=adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1

Requested by

Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

92d6fd0a4f3cbf88c577416263f7011c180fe49b16589270e7109d3de4fbbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:31 GMT
Custom-Referer: https://federicodigirolamoyc3ip.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: ebac008d82578d3508c1a5dfab4875c3
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://federicodigirolamoyc3ip.pages.dev
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 favicon.ico
shayscholz.blogspot.com/ 4 KB
895 B 366ms
350ms Other
image/x-icon 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shayscholz.blogspot.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Thu, 15 Aug 2024 03:22:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 1; mode=block
last-modified: Fri, 08 Mar 2024 19:12:27 GMT
server: GSE
etag: W/"53e1bb00e6929e879a040ee00d8ddd9c6a9b1f6c6c79cd1077a9390901619218"
x-frame-options: SAMEORIGIN
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
content-type: image/x-icon
cache-control: private, max-age=86400
expires: Thu, 15 Aug 2024 03:22:31 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
488 B 488ms
160ms Image
image/gif 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=adf29443-348c-4e11-b26d-2d03db0605db&eb=a66d8d39cde75cc50d1b5e4c019c7c99&te=566b20406b2dfb88a42628d0275cc61f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=c677e860e1188598b4dcedec4384d295&bl=en-GB&sr=1200x1600&sz=1200x1600&hjs=4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 43b6d98a89dd61f52a3810dcdd0aa1ac
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 index.html Show response
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/ 2 KB
934 B 485ms
345ms XHR
text/html 2606:4700:20::681a:613
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/index.html
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:613 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892770f87203561e88170098d4d7bf67c604abc086e165cbe07782aab5514a38

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 14:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7u4H9gnGuuko%2BLXk8St5MKoYcvBdDjWHH8ou0sWjI1s0eOpyWTCd3M%2B4s6pSSgIdgiaSljdBSttwXwApS8zatrTjbQLhUDeZMiR2S5GR9swTqFD%2BlQ0bFnBeUV8XHG9f%2BpoSbrYKG5zqQEnP%2FWzs6pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8b360f8c1cd279c1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ren.gif
softenedcollar.com/ 7 B
733 B 130ms
130ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://softenedcollar.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSzYscRR%2BumbzkEgi8L7wgitgHD4lkJ909Xz14kGxiPtgJifkg8STVVTWzP6e7qqnqnt7sxWhEchxz8dr7TD7wI6IXbwkyqyAEhIxe9rIg%2FgWevchMFkf8Nc3vo54fPM9T9clOsc9CFHxPXTTblCT8ZLvhe8duBsGbXp90seVtRZ33Oq3j3qksS9QNFW9QfrLd7DaaHe%2FYxvlrF%2FsnvIRGyjunxMgc905vWpOqk0HYbfiLz7vKB9zSwQooexz0Wo1uqxEGYaPTw5b918AVNThegxzvs%2F%2BB5Pzon7%2F3QWIGnX5zRrlRbrITb6dFwnNjMZaPruuRNqVGuioHtoaBfnSAhnHPzz6F0Q%2BWimDGfwNjmrP6kQKxfviCOOLxNAi7iBMojVgeQTmeQSUzEJ9BmDsgeRFC4tw6dPr1dU25kt4G6aE06QsMX2Dm7PChm6Byzg5%2F7EOnT9ct5eQ2vWsqUcKkaaFJ8JyMdt7l%2FmlsDSrQ1gw0nCErdpFv10DlLkT%2BEUj%2BzI7deA06fdg3WhoNknuvczkIe61Wc63ZisRaSwXBWhx25Foo%2FaaM%2FY7flvHSNqIZaDBDoibgroZi8VMNxaCOIqsjlXteIAbtbstvi5A3m%2B2op3p%2B4MtBFETdqBNEbRRioWqCPJtAJBMIexuZvY0RTWCL7%2BE2KzhZh8vnrPbOBxjLCqViKB1DyRlKYihzhnJcPZCJC131UCauiIODHB7kZjU1%2BXAnfmDyodIvgdsJrKx2sn3236Wtf%2Fz4MkZqzxOdbldFHV8FQRS1e1HckkJJJVrNqCXDXhuOKpCrLyVv05z9%2F9MPkdGc1c7%2FhJjvwiW7EHQIvHgVvKzANyts68c04mlWuEZ6q0ES0lTI8v8gv1XbSfbZK0sKG5%2FdgxLP2EFA2AqZrfA%2B%2FcAwTO5Or5iS3b9iSse%2BvZTllNL28qav5jxXh7%2FYULdKY%2BWFM27y%2BSmxOFiUX11TLu9zLUkPHftynaRU9qyxQrEnF9wNFV8u3OZ6YXWR9S%2BfPnshzaxyjoyegdPzd%2B9B0Jwd%2Fa6%2FfNJveL%2BC7Ay2qJAWK6ZkZhDZbbhsNXOGwSarPs5qKItqasN4NUyIIVGrnscV3D%2F6eFVPLV9sc6p23F0MbR08vwOdVhjbCuOkAk8mcMWhaZ7ZZ2%2F90lwG4qQ%2BjRNbvx8nNrm3NHnOLv0WwdGeF3DREWE39JsBj8OOL4OujIJeGLW6oi19jtzNB0%2Fy8q8AAAD%2F%2F07HegPPBAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 5aa9443d88541d0edaded363b23f2f7e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 animate.css Show response
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/ 77 KB
5 KB 322ms
201ms XHR
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/animate.css
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
server: cloudflare
etag: W/"65bbaf2c-1358d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5MmjcEPPVVnb%2Bs562pTnzzGxTs2Wc8kxq4vb8llh0%2FpeCqAaHvYqfHO4Db09i1HKjHPV6WMEYouIhhGixppY%2BqMnN%2FTvfI2J9MSDlRRLd9q147Kuzp%2F4DyuvahJYZrbJONysv3jrxfS%2B0p8CJnzb5Q%2BV%2Brwz"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8b360f8f4d729427-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css Show response
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/ 4 KB
2 KB 308ms
192ms XHR
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/css/style.css
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758934b1fbbad9e578664b4efbb5ee3303482d0d37ec7837b4bb2fa4915be70f

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Feb 2024 14:48:12 GMT
server: cloudflare
etag: W/"65bbaf2c-e2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLJn%2Fy4T4IB9%2F2J7JeK99K8MdLDHI7jdebQnCLLQcQA7WfhLnLMi0EudsQGztJv2adOD3sMnMmxCrvgaCt6ssBZtoPRQLc%2Fk2BqEGumJRFhALSVzxlF4B6WnXXkip5obB43vswQ4On2n4PsXMtQvFPlrNeiW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8b360f8f4d749427-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 script.js Show response
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/ 386 B
699 B 310ms
202ms XHR
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/js/script.js
Requested by: Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
server: cloudflare
etag: W/"65bbaf2f-182"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXklLHdVbpNHdwQD3ogdS%2BzAwZ2vuB%2BaXxW6PTOEmdePaB5WbHS8x1z6BF%2FnAVi8qV8ppxJf1%2BTS5iEkgznr7ydahSJzEH3t%2FA9WG09r9n6I4MmGJtcvkYFYjPyup2uWkRG7ylFxQSO7yB3nruU2oKfAeux2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 8b360f8f4d739427-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
softenedcollar.com/pixel/ 0
469 B 118ms
118ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://softenedcollar.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Findex.html&l=1553&fd=487.39999997615814
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F674 7 KB
1 KB 389ms
52ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Requested by

Host: affordedseasick.com
URL: https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a27edb907b4b9c1580815a6312982c8d6f926acb9143fd7784ffceaca42e9595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Aug 2024 03:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Aug 2024 01:37:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Aug 2024 03:22:32 GMT

GET
H3 200 1.jpg
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/ Frame F674 35 KB
36 KB 147ms
36ms Image
image/jpeg 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/1/img/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b1cc40143d3a9c13f5ffb5040a72ad972bc7d285c7eceef8708efe369fdeb4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 03:22:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12549548
alt-svc: h3=":443"; ma=86400
content-length: 36061
last-modified: Thu, 01 Feb 2024 14:48:15 GMT
server: cloudflare
etag: "65bbaf2f-8cdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BY8DRvwPVKnBWp8Ab9%2FvLcbzEDjfss2wlme%2F%2Fk38%2Fcjou9eAqQBbjbuJak2Az1q9mu%2BNJwxlcKDe%2FQa%2Fev67Sc6ZqPxP5TWv9COEF4V%2FiqEUN4TAWi4LTqg8IY09YjqNItW0FCfEuQUtO4EBBYV%2Fc4IuDW0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 8b360f8fe92b9467-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
softenedcollar.com/pixel/ 0
469 B 126ms
124ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://softenedcollar.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fstyle.css&l=3630&fd=312.09999999403954
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
softenedcollar.com/pixel/ 0
469 B 242ms
120ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://softenedcollar.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fjs%2Fscript.js&l=386&fd=313.09999999403954
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
softenedcollar.com/pixel/ 0
469 B 357ms
117ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://softenedcollar.com/pixel/sbls?bv=24.32.3879&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F1%2Fcss%2Fanimate.css&l=79245&fd=325.2000000178814
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
softenedcollar.com/ 7 B
733 B 168ms
104ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://softenedcollar.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSy4scRRyumUgugYCCIIrYBw%2BJZCfTPa8ePEg2MQ92QmIeJJ6kuqpm9ud0VzVV3dObvRiNSI7jXrz2fpPd4COiF28JMqsgBISMXvayIP4Fnr3ITBZH%2FDXN71HfD77vq%2FpsOz9gAXK%2Bry6bTYpjfrpVq3snbvv%2B216PdL7hbYTtD9rNk96ZNI3VLRWtUXa61ejUGm3vxNrFG5d7p7yYhsq7oMTQnPTOrluTqNN%2B0KnV5593nfe5pcMVUPrI7zZrnWYt8INau4sN%2B7%2BByytwvAI5OmAvgeTs%2BN9%2F9kBiCp18d065YWbSU%2B8mecwzYzGSD2%2FqoTaFRrIs%2B7aCvn54iIZxz84%2FgdE7C0Uwo3%2BBEc1Y9ViOSO8%2BJ45oNPGDDqIYSiOSx1CMplDxFMSnEOYeSF6GkLiwCp18e1NTpqS3RnogTfIcw%2BeYGTt65DaomLGjn9ahkyerljJy694NFSthkiTXJHhGRjvvau8sNvolaGMKGkyR5nvINiugYg8i%2BwQkf2Unbr0Bnez2jJZGg%2BT%2Bm1z2g26z2VhpNEOx0lS%2BvxIFbbkSyHpDRvV2vSWjhW1EU1B%2FiliNwV0F%2BfynCvJ%2BFXlaRSL3PV%2F0W51mvSUC3mi0wq7q1v267Id%2B2AnbfthCLuaqxsjSMUQ8hrB3kdq7GNIYNv8Rbr2Ek1W4bMYq732EkSxRKIbCMRScoSCGImMoRuWOjF3gyl0ZuzzyD3NwmBvlxGSD7WjHZAOlXwG3Y1hZbqcH7MWFrX%2F9%2FCqGat8T7U5Hhe268v0wbHXDqCmFkko0G2FTBt0WHJUgV11I3qQZe%2Fnzj5HSjFUu%2FoKI78HFexB0BDx%2FHbwowddLbOpHNORJmrtacqdGEtKUSLMXkN2pbMcH7LUFhbUvtqDEU3YYELZEakt8SD8xDOL7k2umYA%2BumcKx76%2BkGSW0ubjp6xnP1NGv1tSdwlh56Zwbf3lGzA%2Fm5Tc3lMt6XEvSA8e%2BXiUplT1vrFDs8SV3S0VXc7e%2Bmludp72rZ89fSlKrnCOjp%2BD07P0tCJqx4z%2F0Fk%2F6Le93kJ3C5iWSfMmUzBQivQuXLmfOMNh42UdpBUVeTmwQLYcxMcRq2fOohPtPHy3rieXzbU7ltruPga2CZ%2FegkxIjW2IUl%2BDxGC4%2FMslS%2B%2FSd3xqLQBRXJ1Fsqw%2Bi2MZbC5Nn7MofIRzte1GrK5Ssq3pbRK1AdaX0eUeJ0O%2FydrPT9ZG5Wf9xVvwTAAD%2F%2F4Vngj3PBAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Aug 2024 03:22:32 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 7cd94e0c3bf959482abcfcb1aa7d611a
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbs
softenedcollar.com/pixel/ 0
469 B 290ms
221ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://softenedcollar.com/pixel/sbs?c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://federicodigirolamoyc3ip.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Thu, 15 Aug 2024 03:22:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame F674 18 KB
19 KB 198ms
56ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://federicodigirolamoyc3ip.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:13:05 GMT
x-content-type-options: nosniff
age: 133767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 14:13:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame F674 18 KB
18 KB 212ms
71ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://federicodigirolamoyc3ip.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 14:58:07 GMT
x-content-type-options: nosniff
age: 217465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Aug 2025 14:58:07 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 08:24:12	Name: uid_id2 Value: adf29443-348c-4e11-b26d-2d03db0605db:1:1
federicodigirolamoyc3ip.pages.dev/	1970-01-20 22:58:16	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: adf29443-348c-4e11-b26d-2d03db0605db%3A1%3A1
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: u_pl Value: 17223693
corneredsedatetedious.com/	1970-01-20 22:48:12	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzIyMzY5MywiayI6IjJkMzdlNmQwNzUwNGVmMzA2ZGYyODVmYmZjNTRlYTRlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNDEzNTA1LCJwaWQiOjg0MTY4LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6MzIsInB0Ijo0LCJwayI6ImQzcjl5ZnM5aXoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjUxMzg4NzQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEzNDAwNSwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNyIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjc3LCJjIjoiR0IiLCJuIjoiVW5pdGVkIEtpbmdkb20ifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCcml0aXNoIFRlbGVjb21tdW5pY2F0aW9ucyBQTEMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2ZlZGVyaWNvZGlnaXJvbGFtb3ljM2lwLnBhZ2VzLmRldi8iLCJhciI6W119fQ.vrSr2JbLqa67tSvdQ54C4ra-I-zFsvAaUxKYzPxWooU
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: pdhtkv Value: true
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: uncs Value: 1
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: pdhtkv32 Value: true
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: uncs32 Value: 1
corneredsedatetedious.com/	1970-01-20 22:58:16	Name: uid_id2 Value: d53f9f58-2c1d-476b-826b-bca004e0e1c1:2:1
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: pdhtkv5 Value: true
corneredsedatetedious.com/	1970-01-20 22:49:38	Name: uncs5 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstCfa4783699 Value: 1723692150444
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstCla4783699 Value: 1723692150444
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstCmu4783699 Value: 1723692150444
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstPn4783699 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstPt4783699 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstCnv4783699 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-21 07:33:48	Name: HstCns4783699 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-20 22:48:19	Name: sb_main_c677e860e1188598b4dcedec4384d295 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-20 22:48:19	Name: sb_count_c677e860e1188598b4dcedec4384d295 Value: 1
softenedcollar.com/	1970-01-20 22:49:38	Name: u_pl Value: 15844634
softenedcollar.com/	1970-01-20 22:58:16	Name: uid_id2 Value: adf29443-348c-4e11-b26d-2d03db0605db:1:1
softenedcollar.com/	1970-01-20 22:49:38	Name: pdhtkv Value: true
softenedcollar.com/	1970-01-20 22:49:38	Name: uncs Value: 1
softenedcollar.com/	1970-01-20 22:49:38	Name: pdhtkv29 Value: true
softenedcollar.com/	1970-01-20 22:49:38	Name: uncs29 Value: 1
federicodigirolamoyc3ip.pages.dev/	1970-01-20 22:48:12	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: softenedcollar.com

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/0ec4be041787e105fcb110b4725d4d42 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/2d37e6d07504ef306df285fbfc54ea4e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/a2fa1c021faaa64dc52545dcd0d45f38/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/a2fa1c021faaa64dc52545dcd0d45f38/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://federicodigirolamoyc3ip.pages.dev/(Line 750) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://federicodigirolamoyc3ip.pages.dev/(Line 750) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://tse1.mm.bing.net/th?q= Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://myads.my.id/get/site/js/f4c445a9929212d3a2108ce0a48d7aec Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/f4c445a9929212d3a2108ce0a48d7aec Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://affordedseasick.com/c6/77/e8/c677e860e1188598b4dcedec4384d295.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/00e40766c9bb8bf76dcea0f374537f1e Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://myads.my.id/get/site/js/00e40766c9bb8bf76dcea0f374537f1e Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3.bp.blogspot.com
affordedseasick.com
cdn.cloudimagesb.com
cdn.creative-bars1.com
cdn.yourwebbars.com
cdnjs.cloudflare.com
corneredsedatetedious.com
federicodigirolamoyc3ip.pages.dev
fonts.googleapis.com
fonts.gstatic.com
myads.my.id
pagead2.googlesyndication.com
proftrafficcounter.com
recordedthereby.com
s10.histats.com
s4.histats.com
shayscholz.blogspot.com
softenedcollar.com
suggestqueries.google.com
tse1.mm.bing.net
unseenreport.com
172.240.253.132
18.195.79.25
192.243.59.13
192.243.61.227
2606:4700:10::ac42:8472
2606:4700:20::681a:613
2606:4700:310c::ac42:2ccf
2606:4700::6811:180e
2620:1ec:33::10
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:831::2001
2a06:98c1:3120::3
2a06:98c1:3120::9
2a06:98c1:3121::3
45.133.44.10
54.39.128.117
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
090ccf5a3f72966a551781af55093364a34f157f0465ac249278dc1b860297b7
17f85e1d5aea1cd0ea651dc82491b7ab0a0f840390d5723fe8cd21a802ae3bb8
1c5500a9153c7d0eb092236c6ffb853342e5cc07f575c793d2a2d84a8f8ba070
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ed241cd8ded2fab1fcb18311a5295cf0c43c60905193c3e88d95e9be0872859
388886fcc8c3db98b130b17563b7f4f81c7582b5dcaf9a534c3ce13a73b0f9f8
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
69074867c465ce372e59d204e7172f858001a054de934e26f0e7fd0c012d2918
758934b1fbbad9e578664b4efbb5ee3303482d0d37ec7837b4bb2fa4915be70f
76dc8e22c5e2dab50604fcc902e6b5579154b806c5468f82fa68e6a1727906f5
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c
864aad55d445c6cab1d098a3d786ed8965c164ee7d79d1d2df11f88cc486b651
879cbf0b90334918bcfc225a36fc9a16f3b63c254fd73c46d705c6b6dbbc7c65
892770f87203561e88170098d4d7bf67c604abc086e165cbe07782aab5514a38
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
92d6fd0a4f3cbf88c577416263f7011c180fe49b16589270e7109d3de4fbbdcd
939f33bd9fd32633218078f8d31ab3560adf6887ee20450bda193420889c5740
975381fd677695b4fe94a1352d347098a5acd8af613c89d28459dd8dd661b26e
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
a27edb907b4b9c1580815a6312982c8d6f926acb9143fd7784ffceaca42e9595
a2b1cc40143d3a9c13f5ffb5040a72ad972bc7d285c7eceef8708efe369fdeb4
a73573898a2702359d256caddc3b06a8e2f1ca74ee0b474caae8b93c13296e5f
aa0d7a47a1d6b923137aa4e069744d472504efd3bc2189f40ce64f2c51124d17
aba32ac81423e3689fb90338e51fbdf841d9aa5ddcb38f485be2fdd17efd1597
adcd019b3482529f7d5d1e10840e400ed3f5a85adde89aba34ab3f7c978b7a36
ba048f19bf3c3d408f4187dbbefc5f9ed1fda203d07fb430edf2062e02438601
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
cb63305035c57bf9d2d2cdca42c28adf15860b1807c7a40c6a1bfd72058848f1
d7222ca461c65cffd0e537018b98b0ef88eda9e0396882609f89d91252a199e3
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f53bba61704138e18c9373a89b36aa4cfc03b9db23db3d944f32cc67a11bfcff
f6bb7bab06e686c19c76b38777825f174cc6ddeeddd62b1e902137bfe512bb9a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

federicodigirolamoyc3ip.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2ccf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

94 %HTTPS

68 %IPv6

19 Domains

21 Subdomains

20 IPs

3 Countries

500 kBTransfer

934 kBSize

27 Cookies

1 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

federicodigirolamoyc3ip.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2ccf Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

94 %
HTTPS

68 %
IPv6

19
Domains

21
Subdomains

20
IPs

3
Countries

500 kB
Transfer

934 kB
Size

27
Cookies

47 HTTP transactions
1 data transactions