URL: https://andaru0517.pages.dev/
Submission: On July 18 via api from US — Scanned from US

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 28 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f29, located in United States and belongs to CLOUDFLARENET, US. The main domain is andaru0517.pages.dev.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time andaru0517.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 172.240.108.76 7979 (SERVERS-COM)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.2.97.40 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:33:1... 8075 (MICROSOFT...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 172.240.108.84 7979 (SERVERS-COM)
1 158.69.254.144 16276 (OVH)
2 2606:4700:21:... 13335 (CLOUDFLAR...)
1 45.133.44.10 39572 (ADVANCEDH...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
2 23.48.203.100 20940 (AKAMAI-ASN1)
1 3.21.82.98 16509 (AMAZON-02)
1 104.18.34.83 13335 (CLOUDFLAR...)
2 67.202.105.33 32748 (STEADFAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 18.206.4.140 14618 (AMAZON-AES)
28 19
Apex Domain
Subdomains
Transfer
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 18487
ic.tynt.com — Cisco Umbrella Rank: 15045
de.tynt.com — Cisco Umbrella Rank: 2349
9 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 8004
t.dtscout.com — Cisco Umbrella Rank: 6811
4 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 6836
s4.histats.com — Cisco Umbrella Rank: 6819
12 KB
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
836 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 6153
2 KB
2 poundswarden.com
poundswarden.com — Cisco Umbrella Rank: 55842
6 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
26 KB
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 7251
604 B
1 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 30000
197 B
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 13358
141 KB
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3687
1 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 923
758 B
1 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 8770
304 B
1 restlesscompeldescend.com
restlesscompeldescend.com — Cisco Umbrella Rank: 920987
12 KB
1 pages.dev
andaru0517.pages.dev
6 KB
0 simpli.fi Failed
i.simpli.fi Failed
0 33across.com Failed
cdn-tc.33across.com Failed
lex.33across.com Failed
0 bluekai.com Failed
tags.bluekai.com Failed
28 18
Domain Requested by
2 bcp.crwdcntrl.net 1 redirects andaru0517.pages.dev
2 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
2 t.dtscout.com e.dtscout.com
2 poundswarden.com 1 redirects andaru0517.pages.dev
2 s10.histats.com andaru0517.pages.dev
s10.histats.com
2 cdnjs.cloudflare.com andaru0517.pages.dev
1 de.tynt.com cdn.tynt.com
1 t.dtscdn.com e.dtscout.com
1 ic.tynt.com andaru0517.pages.dev
1 cdn.tynt.com e.dtscout.com
1 pd.sharethis.com e.dtscout.com
1 cdn.cloudimagesb.com andaru0517.pages.dev
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 tse1.mm.bing.net andaru0517.pages.dev
1 suggestqueries.google.com andaru0517.pages.dev
1 proftrafficcounter.com restlesscompeldescend.com
1 restlesscompeldescend.com andaru0517.pages.dev
1 andaru0517.pages.dev
0 i.simpli.fi Failed andaru0517.pages.dev
0 lex.33across.com Failed andaru0517.pages.dev
0 cdn-tc.33across.com Failed de.tynt.com
0 tags.bluekai.com Failed andaru0517.pages.dev
28 23

This site contains links to these domains.

Domain
restlesscompeldescend.com
Subject | Issuer | Validity | Valid
andaru0517.pages.dev | WE1 | 2024-07-15 - 2024-10-13 | 3 months
*.restlesscompeldescend.com | R3 | 2024-06-04 - 2024-09-02 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
proftrafficcounter.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.mm.bing.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-05-02 - 2024-10-29 | 6 months
s10.histats.com | E5 | 2024-06-09 - 2024-09-07 | 3 months
histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months
dtscout.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months
cdn.cloudimagesb.com | R3 | 2024-05-21 - 2024-08-19 | 3 months
cert2-prod.aut.a24365.net | R11 | 2024-06-24 - 2024-09-22 | 3 months
sharethis.com | Amazon RSA 2048 M03 | 2024-04-21 - 2025-05-20 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year
dtscdn.com | WE1 | 2024-07-09 - 2024-10-07 | 3 months

This page contains 5 frames:

Primary Page: https://andaru0517.pages.dev/
Frame ID: 6154FA96181447EF963AF2104AD5FB0A
Requests: 24 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Frame ID: BD30D075DEF28C1C61CC214F92BA08A8
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01721287593DB5C91A165D53F6518
Frame ID: AB57D644FC71F703F390898407D561F7
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.770&cid=c026&cls=sync
Frame ID: 06CBD44B5B090B89F5EF53E2C9E6F467
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: BDAFB75CCB84D28E4FB7DA8E97B5EF18
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28 Requests
75 % HTTPS
44 % IPv6
18 Domains
23 Subdomains
19 IPs
4 Countries
219 kB Transfer
327 kB Size
30 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://poundswarden.com/watch.93708534201.js?key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=0229e8d2-f17f-4c16-8801-90af44bfe0db%3A1%3A1 HTTP 307
  • https://poundswarden.com/watch.93708534201.js?dev=r&key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&pst=1721287652&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&res=14.31&rmtc=t&shu=90831144c886637d8bee50b10910675c277226fcfae0a5b3126997bfadb7221299dec91b0f868ecd0d3048ce81fe4ca0746cebd2fe60e19ae7179a980b05620592c93b93e8e7775eee8e7a987f85beb1e712027574155be3b75cf4&tz=-10&uuid=0229e8d2-f17f-4c16-8801-90af44bfe0db%3A1%3A1
Request Chain 20
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518
Request Chain 21
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01721287593DB5C91A165D53F6518 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=319bc75da4ddc109

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
andaru0517.pages.dev/
15 KB
6 KB
Document
General
Full URL
https://andaru0517.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ed283562f7237ecd13e35b48e8e493d5cd289db2334877db0b93cd70c3704d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8a50be6beb474cb2-PHL
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 18 Jul 2024 07:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ba9yuqwJo4VsmbHrj%2FYQsD%2Bftg9bnhKHIecvc%2Bun9zyogo5x37BR%2FMMteeA6zE%2Fl5YTBxcG63ebxMZLW%2FLxJbClW2hJEcJ0wnK1kfvi68wfs4v%2Fmju%2FAqV2VHEGQ%2BGTULxIKGUNbcc7VqonLbYFEWBEBqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
invoke.js
restlesscompeldescend.com/50a9bbd8cc622d9f4f8c9125aa08fd11/
31 KB
12 KB
Script
General
Full URL
https://restlesscompeldescend.com/50a9bbd8cc622d9f4f8c9125aa08fd11/invoke.js
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
31a362d6cccf1a2681d6c2887df7e3a878de6c2e31f50466b4c0cd240b6cb768
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Jul 2024 07:26:31 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache, max-age=0, private, no-cache
Connection
keep-alive
X-Request-ID
5ecaf4343b71598a3c3a183ba366a687
Expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
71 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://andaru0517.pages.dev/
Origin
https://andaru0517.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
498002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22329
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-11ab4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0xgrHW2WoSig2z7pVwlPwDgKyRsQToAgpbf2cmifbG9XzJ0P6lUOHYaGfNW2ubZ56Wh3kAZJOn3C%2BMXr8XO%2F6U%2FghyHy0NeAXyGYWn6EpMIxdl1hROdx3%2FrGfsYR2gaT6zo3gm1wbpdAEo2DUIwzBG6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a50be6f4d687281-EWR
expires
Tue, 08 Jul 2025 07:26:30 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://andaru0517.pages.dev/
Origin
https://andaru0517.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
353089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3150
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjRY4%2BeCfatGtYak0HKYWaxyn8xoRSBt374piPQ5CS4in%2FTd2EI7R9K82BFEApHIRW2sJ991lhgiYhodqr4tNDcnus1xfibw73ANvRBQsZdePgWdepzI8FVXYzCD%2FYfOxFsfIom8MP4C9MQ2Mca6cRfM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a50be6f4d677281-EWR
expires
Tue, 08 Jul 2025 07:26:30 GMT
stats
proftrafficcounter.com/
40 B
304 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: restlesscompeldescend.com
URL: https://restlesscompeldescend.com/50a9bbd8cc622d9f4f8c9125aa08fd11/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.97.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-97-40.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
8a33044a9a9eca3e9178dc0d491232b57640e253b37722dd1490214ec84c2374

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://andaru0517.pages.dev
date
Thu, 18 Jul 2024 07:26:31 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
search
suggestqueries.google.com/complete/
20 B
758 B
Script
General
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-VmO8PkEoGF-8vIxfoaO7gA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 18 Jul 2024 07:26:31 GMT
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-VmO8PkEoGF-8vIxfoaO7gA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding
br
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
permissions-policy
unload=()
expires
-1
th
tse1.mm.bing.net/
727 B
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 07:26:31 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C5E45F0F40D1403BBC1A694CD06E0CD9 Ref B: PHL30EDGE0409 Ref C: 2024-07-18T07:26:31Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control
no-cache
timing-allow-origin
*
access-control-allow-headers
*
content-length
727
expires
-1
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
44983
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8a50be7aea5343fe-EWR
content-length
4547
watch.93708534201.js
poundswarden.com/
Redirect Chain
  • https://poundswarden.com/watch.93708534201.js?key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&tz=-10&dev=r&res=14.31&uuid=0229e8d2-f17f-4c16-8801-90af44bf...
  • https://poundswarden.com/watch.93708534201.js?dev=r&key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&pst=1721287652&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&res=14.31&rmtc=t&shu=90831144c886637d8b...
3 KB
4 KB
XHR
General
Full URL
https://poundswarden.com/watch.93708534201.js?dev=r&key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&pst=1721287652&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&res=14.31&rmtc=t&shu=90831144c886637d8bee50b10910675c277226fcfae0a5b3126997bfadb7221299dec91b0f868ecd0d3048ce81fe4ca0746cebd2fe60e19ae7179a980b05620592c93b93e8e7775eee8e7a987f85beb1e712027574155be3b75cf4&tz=-10&uuid=0229e8d2-f17f-4c16-8801-90af44bfe0db%3A1%3A1
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
HTTP/1.1
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
74bd1b7bcea34f93db4e27f0b9f015ab60275b323cdf0528dece166dca9f3f08
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 07:26:32 GMT
Custom-Referer
https://andaru0517.pages.dev
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
X-Request-ID
923f4fb0949a6cc0eb9128de573320b1
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://andaru0517.pages.dev
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Thu, 18 Jul 2024 07:26:32 GMT
Custom-Referer
https://andaru0517.pages.dev
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
X-Request-ID
5aad470bc7e8155b4ce3f15ccae83359
Pragma
no-cache
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
text/html
Access-Control-Allow-Origin
https://andaru0517.pages.dev
Location
https://poundswarden.com/watch.93708534201.js?dev=r&key=50a9bbd8cc622d9f4f8c9125aa08fd11&kw=%5B%5D&pst=1721287652&refer=https%3A%2F%2Fandaru0517.pages.dev%2F&res=14.31&rmtc=t&shu=90831144c886637d8bee50b10910675c277226fcfae0a5b3126997bfadb7221299dec91b0f868ecd0d3048ce81fe4ca0746cebd2fe60e19ae7179a980b05620592c93b93e8e7775eee8e7a987f85beb1e712027574155be3b75cf4&tz=-10&uuid=0229e8d2-f17f-4c16-8801-90af44bfe0db%3A1%3A1
Cache-Control
no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:01 GMT
4872544.php
s4.histats.com/stats/
379 B
514 B
Script
General
Full URL
https://s4.histats.com/stats/4872544.php?4872544&@f16&@g1&@h1&@i1&@j1721287592206&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s8&@ten-US&@u1600&@b1:-55662070&@b3:1721287592&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fandaru0517.pages.dev%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
b18ba82b40bfda90e5cfeaadf4338641c7bec2366309d6fc422766aaf8b4f2dd

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 07:26:32 GMT
Connection
close
Content-Length
379
Content-Type
text/html;charset=UTF-8
cc_8.js
s10.histats.com/counters/
16 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_8.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1347 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c84bc712d3b49148b9b1bc957cee1bf5d32824ee20a11cf8dcd4f807bdc1eb

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
70367
etag
"1447713063"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8a50be7f0d4243fe-EWR
content-length
6452
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4872544.php?4872544&@f16&@g1&@h1&@i1&@j1721287592206&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s8&@ten-US&@u1600&@b1:-55662070&@b3:1721287592&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fandaru0517.pages.dev%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba85c01e1ac6f7205f4d7613329d7a781399ce0c0bd782047832475b3347e8d4

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:33 GMT
x-t
0.287
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9q42SerfWhfPutqcoaeydQY0KnX8Mij3e3faliUfP4DySHGByA%2FdJ9zwE0TamrDoQokAJULEnBw3qtdqXtaNQtf9ZiiiH%2FYnTvIE62sLjk3iuaG9z%2FDMj45njx9RTVPTbb%2FI8%2Fn54%2FIz8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
8a50be815c27c41d-EWR
expires
Thu, 18 Jul 2024 07:26:32 GMT
1658920033.png
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/ Frame BD30
141 KB
141 KB
Image
General
Full URL
https://cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Sat, 20 Jul 2024 07:26:33 GMT
date
Thu, 18 Jul 2024 07:26:33 GMT
last-modified
Wed, 27 Jul 2022 11:07:21 GMT
server
nginx/1.21.6
etag
"62e11c69-233fb"
content-type
image/png
cache-control
max-age=172800
accept-ranges
bytes
content-length
144379
x-proxy-cache
HIT
/
t.dtscout.com/idg/ Frame AB57
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=51A01721287593DB5C91A165D53F6518
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://andaru0517.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8a50be857eb043e6-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 18 Jul 2024 07:26:33 GMT
expires
Thu, 18 Jul 2024 07:26:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEyQuFTAbw9RFmrNvbp5jMmCMDdcv7oU3ZhaiS1tbZmvHfFWCM%2BOYxciys%2F8IZwLmXLaJqb%2F3cj8A411P6X7v2i44InuS8fKG0vp76nlWW2UueSj8vwRHhdMgJvyJAc2AsbhJERr%2F6QAnHU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=andaru0517.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.100 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-203-100.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeb3c5c16bf7e0baac63207dca1e3a48ede607a5e466a25ce9dc9100f70d3ad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 07:26:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1398
Expires
Thu, 18 Jul 2024 08:26:33 GMT
dtscout
pd.sharethis.com/pd/
0
197 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.82.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-82-98.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 07:26:33 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
0
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
136064
etag
W/"651ed18d-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a50be8569d032b2-PHL
expires
Sun, 21 Jul 2024 07:26:33 GMT
/
t.dtscout.com/pv/
51 B
347 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=andaru0517.pages.dev&_ss=4mg2hixr63&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=1ab8&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de542f2bf5e847c1ca7bd2a584e0270190d518d3c34a30a1e886152310ed8d66

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:33 GMT
x-t
0.127
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tscHlcJs2Q78IZyv%2FLRbtTaJ0ZTYfQUdp5YxFbpez%2BX4lLNxkPQC9sd%2BrZ%2F6LT9G9Ah%2BIFh6Ov%2Bl4PsMal4mAqQwi8CKuvuTf82CuzD60GB%2B5Cy5RNloTnivhbIq91izyYYC3QSXjndXEM%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
8a50be838d9ec41d-EWR
expires
Thu, 18 Jul 2024 07:26:32 GMT
t_.htm
pxdrop.lijit.com/a/ Frame 06CB
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.770&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=andaru0517.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.100 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-203-100.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://andaru0517.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1174
Content-Type
text/html
Date
Thu, 18 Jul 2024 07:26:34 GMT
Expires
Thu, 25 Jul 2024 07:26:34 GMT
X-Robots-Tag
noindex, nofollow
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1721287593939&dn=AFWU&iso=0&pu=https%3A%2F%2Fandaru0517.pages.dev%2F&t=andaru0517.pages.dev&chmob=0
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:34 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
/
t.dtscdn.com/widget/
0
604 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=51A01721287593DB5C91A165D53F6518&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fandaru0517.pages.dev%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fandaru0517.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 07:26:34 GMT
x-t
1.15
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xW4tOCXtd%2B9CO4JeXpp2s82B9D4PqLGvGhDNt6LeSZJTs9Q3tr4t04wavfoiO%2F02PYdsZP%2FGXP63zl2JqsBlCVFhezWaJ%2FiUsopQNqTy0lqlMxYB%2BnILbQh%2FS9A3neaEurhhDBcZRApePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
8a50be8969d47c96-EWR
expires
Thu, 18 Jul 2024 04:53:47 GMT
tpid=51A01721287593DB5C91A165D53F6518
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518
49 B
546 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518
Requested by
Host: andaru0517.pages.dev
URL: https://andaru0517.pages.dev/
Protocol
H2
Server
18.206.4.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-206-4-140.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 07:26:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.48.233
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 18 Jul 2024 07:26:34 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01721287593DB5C91A165D53F6518
cache-control
no-cache
x-server
10.40.58.106
content-length
0
expires
0
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01721287593DB5C91A165D53F6518
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=319bc75da4ddc109
0
0

v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fandaru0517.pages.dev%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e2f74bd2d33467879f4c86aa330efa33cc0739c0b2db62e4f51910f7587236aa

Request headers

Referer
https://andaru0517.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Thu, 18 Jul 2024 07:26:34 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1094
expires
Sat, 26 Jul 1997 05:00:00 GMT
lotame-sync.html
cdn-tc.33across.com/ Frame BDAF
0
0

/
lex.33across.com/ps/v1/pubtoken/
0
0

dpx
i.simpli.fi/
0
0

dpx
i.simpli.fi/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/33141?&id=319bc75da4ddc109
Domain
cdn-tc.33across.com
URL
https://cdn-tc.33across.com/lotame-sync.html
Domain
lex.33across.com
URL
https://lex.33across.com/ps/v1/pubtoken/?pid=128&us_privacy=&rnd=1721287594724.1&ru=https%3A%2F%2Flive.rezync.com%2Fsync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3Dcab5a4722e64fa65aba8e60b6da5d556%26pcat%3D%26pdev%3D%26pctry%3DUS%26referrer%3Dhttps%253A%252F%252Fandaru0517.pages.dev%252F%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cache_buster%3D%24%7BRANDOM%7D%26custom1%3D%24%7BPUBTOK%7D
Domain
i.simpli.fi
URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1721287594724.2&ref=
Domain
i.simpli.fi
URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1721287594724.4&ref=

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
string| baseUrl
function| _0x1e60
function| _0x3c53
object| LieDetector
object| atAsyncContainers
function| $
function| jQuery
object| lazySizes
function| autoRelated
function| parseSpintax
object| seco
object| seca
object| sece
object| _Hasync
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_8_setValues
function| _HistatsCounterGraphics_8
function| histats_canvascounters_base.js
object| a
object| cv
object| Tynt
object| _dtspv
object| _33Across
function| __uspapi
number| char

30 Cookies

Domain/Path Name / Value
proftrafficcounter.com/ Name: uid_id2
Value: 0229e8d2-f17f-4c16-8801-90af44bfe0db:1:1
andaru0517.pages.dev/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 0229e8d2-f17f-4c16-8801-90af44bfe0db%3A1%3A1
andaru0517.pages.dev/ Name: HstCfa4872544
Value: 1721287592206
andaru0517.pages.dev/ Name: HstCla4872544
Value: 1721287592206
andaru0517.pages.dev/ Name: HstCmu4872544
Value: 1721287592206
andaru0517.pages.dev/ Name: HstPn4872544
Value: 1
andaru0517.pages.dev/ Name: HstPt4872544
Value: 1
andaru0517.pages.dev/ Name: HstCnv4872544
Value: 1
andaru0517.pages.dev/ Name: HstCns4872544
Value: 1
poundswarden.com/ Name: u_pl
Value: 16560286
poundswarden.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.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.RC57bgh4hOeCaFn4k61FsMug7An8RNV3_PM5Pq5oaWQ
poundswarden.com/ Name: uid_id2
Value: 0229e8d2-f17f-4c16-8801-90af44bfe0db:1:1
poundswarden.com/ Name: iprc9568a4bdc4cc15b16b8671e88c5a9228
Value: 3569806
poundswarden.com/ Name: pdhtkv
Value: true
poundswarden.com/ Name: uncs
Value: 1
poundswarden.com/ Name: pdhtkv5
Value: true
poundswarden.com/ Name: uncs5
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1721287593
.dtscout.com/ Name: l
Value: 51A01721287593DB5C91A165D53F6518
.lijit.com/ Name: lijitAcc3PC
Value: 1
.andaru0517.pages.dev/ Name: __dtsu
Value: 51A01721287593DB5C91A165D53F6518
.dtscdn.com/ Name: uid
Value: 51A01721287593DB5C91A165D53F6518
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 43eeb0bc51e6521142755ee273590c18
.tynt.com/ Name: uid
Value: k3eNWWaYw6oHOLzCCpTf4A==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1721287594724%7D%2C%7B%22p%22%3A%22b1b5df9b98%22%2C%22f%22%3A1%2C%22ts%22%3A1721287594724%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1721287594724%7D%5D
.onaudience.com/ Name: cookie
Value: f01af09edf509b75
.onaudience.com/ Name: done_redirects109
Value: 1

3 Console Messages

Source Level URL
Text
javascript warning URL: https://andaru0517.pages.dev/(Line 152)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://andaru0517.pages.dev/(Line 152)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://tse1.mm.bing.net/th?q=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
