buhitter.com Open in urlscan Pro
2606:4700:20::ac43:45d6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buhitter.com/author/tapfantasy2021
Submission: On April 12 via manual (April 12th 2024, 10:13:18 pm UTC) from BR — Scanned from US

Summary HTTP 94 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 20 domains to perform 94 HTTP transactions. The main IP is 2606:4700:20::ac43:45d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is buhitter.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.

This is the only time buhitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:20:... 2606:4700:20::ac43:45d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
5	202.231.228.162 202.231.228.162	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	18.164.96.49 18.164.96.49	16509 (AMAZON-02) (AMAZON-02)
17	2606:2800:220... 2606:2800:220:1410:489:141e:20bb:12f6	15133 (EDGECAST) (EDGECAST)
4	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c07::65	15169 (GOOGLE) (GOOGLE)
2	52.192.231.173 52.192.231.173	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
10	172.253.115.102 172.253.115.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2511:4e00:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
3	142.251.167.154 142.251.167.154	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	142.251.163.147 142.251.163.147	15169 (GOOGLE) (GOOGLE)
2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
4	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
3	108.139.47.12 108.139.47.12	16509 (AMAZON-02) (AMAZON-02)
2	44.194.254.43 44.194.254.43	14618 (AMAZON-AES) (AMAZON-AES)
1	52.69.202.8 52.69.202.8	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	202.210.188.70 202.210.188.70	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2	2600:141b:1c0... 2600:141b:1c00:19::17c8:5823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.128.123 108.138.128.123	16509 (AMAZON-02) (AMAZON-02)
1	43.206.43.189 43.206.43.189	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:22::1730:e06f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.115.171.164 3.115.171.164	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:e... 2600:1901:0:e207::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.112.148.137 3.112.148.137	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.104 142.250.72.104	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	142.251.163.104 142.251.163.104	15169 (GOOGLE) (GOOGLE)
1	172.253.62.139 172.253.62.139	15169 (GOOGLE) (GOOGLE)
94	41

3 2606:4700:20::ac43:45d6 (United States)

ASN13335 (CLOUDFLARENET, US)

buhitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.231.228.162 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)

fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-49.jfk50.r.cloudfront.net

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c07::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.231.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-231-173.ap-northeast-1.compute.amazonaws.com

pa.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.115.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:4e00:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.167.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::84 (Washington, United States)

ASN15169 (GOOGLE, US)

657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.47.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-12.jfk50.r.cloudfront.net

pdn.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.254.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-254-43.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.202.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-202-8.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.210.188.70 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)

img.fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:19::17c8:5823 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-123.jfk50.r.cloudfront.net

j.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.206.43.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-43-189.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:22::1730:e06f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.115.171.164 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-171-164.ap-northeast-1.compute.amazonaws.com

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.112.148.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-148-137.ap-northeast-1.compute.amazonaws.com

k.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.104 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.104 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.62.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1263	1 MB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2	69 KB
10	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 166161 pa.adingo.jp pdn.adingo.jp — Cisco Umbrella Rank: 112727 cs.adingo.jp — Cisco Umbrella Rank: 4442 sh.adingo.jp — Cisco Umbrella Rank: 69573 i.adingo.jp — Cisco Umbrella Rank: 104630	25 KB
7	googlesyndication.com 657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	95 KB
7	fam-8.net fam-8.net — Cisco Umbrella Rank: 288761 img.fam-8.net — Cisco Umbrella Rank: 496643	2 MB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	195 KB
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1349 syndication.twitter.com — Cisco Umbrella Rank: 1755	31 KB
4	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29961 sync6.im-apps.net — Cisco Umbrella Rank: 55883 audiencedata.im-apps.net — Cisco Umbrella Rank: 30412	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	174 KB
3	buhitter.com buhitter.com	27 KB
2	zucks.net sh.zucks.net — Cisco Umbrella Rank: 138288 k.zucks.net — Cisco Umbrella Rank: 135884	2 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 465	323 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 986 id5-sync.com — Cisco Umbrella Rank: 511	27 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3025	50 KB
1	zimg.jp j.zucks.net.zimg.jp — Cisco Umbrella Rank: 129565	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 315	902 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 687	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3302	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	30 KB
94	20

	Domain	Requested by
17	pbs.twimg.com	buhitter.com
12	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	buhitter.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	fam-8.net	buhitter.com fam-8.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	platform.twitter.com	buhitter.com platform.twitter.com
3	pdn.adingo.jp	securepubads.g.doubleclick.net pdn.adingo.jp buhitter.com
3	www.googletagmanager.com	buhitter.com www.googletagmanager.com
3	buhitter.com	buhitter.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	dmp.im-apps.net	pdn.adingo.jp dmp.im-apps.net
2	img.fam-8.net	buhitter.com
2	cs.adingo.jp	pdn.adingo.jp
2	gum.criteo.com	static.criteo.net pdn.adingo.jp
2	www.google.com	buhitter.com tpc.googlesyndication.com
2	pa.adingo.jp	cdn-fluct.sh.adingo.jp
2	stackpath.bootstrapcdn.com	buhitter.com
1	k.zucks.net	j.zucks.net.zimg.jp
1	audiencedata.im-apps.net	dmp.im-apps.net
1	sh.zucks.net	j.zucks.net.zimg.jp
1	sync6.im-apps.net	dmp.im-apps.net
1	i.adingo.jp	pdn.adingo.jp
1	j.zucks.net.zimg.jp	pdn.adingo.jp
1	syndication.twitter.com	buhitter.com
1	sh.adingo.jp	pdn.adingo.jp
1	id5-sync.com	cdn.id5-sync.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn-fluct.sh.adingo.jp	buhitter.com
1	code.jquery.com	buhitter.com
94	35

This site contains links to these domains. Also see Links.

Domain
twitter.com
t.me
linktr.ee
tapfantasy.io
t.co
fam-8.net

Subject Issuer	Validity	Valid
buhitter.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fam-8.net FujiSSL Public Validation Authority - G3	`2023-05-17` - `2024-06-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn-fluct.sh.adingo.jp Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
syndication.twitter.com R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh
img.fam-8.net FujiSSL Public Validation Authority - G3	`2023-05-17` - `2024-06-04`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-11` - `2025-03-11`	a year	crt.sh
j.zucks.net.zimg.jp Amazon RSA 2048 M03	`2023-09-29` - `2024-10-27`	a year	crt.sh
sh.zucks.net Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2024-03-31` - `2024-06-29`	3 months	crt.sh
k.zucks.net Amazon RSA 2048 M02	`2023-07-09` - `2024-08-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://buhitter.com/author/tapfantasy2021
Frame ID: 51F5589FD74DAAB231FDC750120A270F
Requests: 75 HTTP requests in this frame

Frame: https://657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DA459CA3D2E25E0D04DBB8A748846AD4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com
Frame ID: 0DE43F5E090805B8537490066797064F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKF64__uDS1_P3jfqqZDVba57nm3RjDVNbfBxb6dLeqcqBuGdWKv9lNRiF4XMh7061dB2AcMM0qEhhkuwUiFULUWcGt8PkFuSq-CxSWTU-8EeKZc7TgtMqk3gL20Yzg2SvrpaMI3fHYeRWtITC1AjGZ8MHPAhP2lpDUq-eVnNFgAHFq14rkNZFS17cYTxUCnB79ya8ZaHM24W1oxWFAvdK6LsPDYzpjY2NZZFe9zkRiea1R695Xs8GqmbsGeTSoOrJLUgKnHiA4RCLCm7v_rVgQ_DyDWQS9jWAgI6zNs3nCO_yrCkUzgZxmMKVZwE2VwnYoe97W40Mrg8mm0QdnMh8MAyyvzpL86JIu2xtaFDFo13u1olgU7RqKOrjWwiXS587Fb06Xo1Nzg&sai=AMfl-YTgwXJeDVf6rbzEPAtb2ETiLBQFP6BJKZCprUQkvrbPZe7qOQhi4x9InDKIVvjvnU6Mh_xZENcStK2cXZZMCPbNjm7-K-ceJRUNOh7pbROOaMu-MGgOAjP3Jf-cG1JWTVhkieKNX1dphkB__PJDc3Kv&sig=Cg0ArKJSzLlrGy_IuiN8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CDE86A72CC1AC5F3A20F46FE707CA9E5
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbuhitter.com
Frame ID: 33D08DAFE9412411B17E0DC81990A719
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: FDA995CEC75A5F9FED39F36D3D19A149
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26CD246343F4D57E999780D9221551A6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DB07E1EFF0F0485EF2C98F49484C15E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tapfantasy2021さんのイラストまとめ

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

99 %
HTTPS

48 %
IPv6

20
Domains

35
Subdomains

41
IPs

4
Countries

4794 kB
Transfer

6502 kB
Size

20
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/tapfantasy2021
Title: @tapfantasy2021

Search URL Search Domain Scan URL

URL: https://t.me/TapFantasyGameBot
Title: t.me/TapFantasyGame…

Search URL Search Domain Scan URL

URL: http://linktr.ee/tapfantasy
Title: linktr.ee/tapfantasy

Search URL Search Domain Scan URL

URL: http://t.me/tap_fantasy
Title: t.me/tap_fantasy

Search URL Search Domain Scan URL

URL: https://tapfantasy.io/#/
Title: tapfantasy.io/#/

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1561917422575431686

Search URL Search Domain Scan URL

URL: https://t.co/CxtGSrswcd
Title: https://t.co/CxtGSrswcd

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1559137669527277568

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1556896652149272576

Search URL Search Domain Scan URL

URL: https://t.co/mxOKLO1ecq
Title: https://t.co/mxOKLO1ecq

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1505031318199017472

Search URL Search Domain Scan URL

URL: https://t.co/PqRq1qzjKP
Title: https://t.co/PqRq1qzjKP

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1499272518560931841

Search URL Search Domain Scan URL

URL: https://t.co/a2U2O4KLiq
Title: https://t.co/a2U2O4KLiq

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1483725027174653958

Search URL Search Domain Scan URL

URL: https://t.co/Byq0xOOkQu
Title: https://t.co/Byq0xOOkQu

Search URL Search Domain Scan URL

URL: https://t.co/JXb1vtnbFf
Title: https://t.co/JXb1vtnbFf

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1478251056417370113

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1476455696690737154

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1475739324255961089

Search URL Search Domain Scan URL

URL: https://twitter.com/tapfantasy2021/status/1474253014256947200

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35110&_campaign=1530&_article=13900&_link=145105&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35111&_campaign=1530&_article=13894&_link=145075&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

94 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tapfantasy2021 Show response
buhitter.com/author/ 128 KB
22 KB 1160ms
1002ms Document
text/html 2606:4700:20::ac43:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb4a74e29ce3f2b79bc52bb09421f350bb2caaa9b8abe92b92bbaabc9ce68410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 87368fcffa017421-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Apr 2024 22:13:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6kvY6qZgQe2BPJNJye1K2F3Ob5W8O2U5kTMtE%2FBIJAcJGdHDa12iC1ubgQ4ewA8%2BSufq5YmiAkiZwmu2Wxm3aWCQbAbkzoao65V48%2B%2FLZ0Hid%2F86mFhGJMp8kZtjnpUMjLYxQm4EqxPqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
27 KB 154ms
52ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 878
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 224954
cdn-cachedat: 03/18/2024 12:53:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ac5ddacb160452a29a342f28c2f84b36
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 87368fd6fdcb5c69-MIA
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 136ms
34ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2916830
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-mia-kmia1760078-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1712959988.317678,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 97472

GET
H3 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 77 KB
23 KB 257ms
157ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 878
age: 3898379
cdn-cachedat: 09/04/2022 07:27:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a454220fc07088bf1fdd19313b6bfd50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6b105eeb30d0f0a0d7549ab4bd4e83f8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 87368fd6fdd05c69-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK fam8-tagify.min.js Show response
fam-8.net/ad/js/ 2 KB
3 KB 915ms
200ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:09 GMT
Last-Modified: Sat, 12 Jan 2019 00:17:54 GMT
ETag: W/"2306-1547252274000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2306

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
30 KB 275ms
127ms Script
text/javascript 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0b8a30a607a371a8f449eb9fb3257896abda2f1eec2b6dd521bea8e9b17ff90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29700
x-xss-protection: 0
server: cafe
etag: 273 / 19825 / 31082679 / config-hash: 10044149075479355345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:13:08 GMT

GET
H2 200 kv.js Show response
cdn-fluct.sh.adingo.jp/ts/ 4 KB
2 KB 213ms
62ms Script
application/javascript 18.164.96.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-49.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Jan 2024 05:57:37 GMT
content-encoding: gzip
via: 1.1 eb2e4893b47f0d155cd51b82c2a8d596.cloudfront.net (CloudFront)
last-modified: Tue, 10 Nov 2020 02:43:11 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 7402532
etag: W/"556934705e12b655011cd42324d63d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cLiDvmZHn-o9PLzRA7i8XFIhS4HSAV92UdNyUvISWGdLeNf3lDlyvw==

GET
H2 200 oCp2wGbN.jpg
pbs.twimg.com/profile_images/1610119721285996544/ 42 KB
42 KB 294ms
151ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1610119721285996544/oCp2wGbN.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B12) /

Resource Hash

af76304e8c2f6cb158291d8cceec670c4d1b0fbb99ff8d3533f88642f879f2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 42497
x-response-time: 18
surrogate-key: profile_images profile_images/bucket/1 profile_images/1610119721285996544
last-modified: Tue, 03 Jan 2023 03:41:50 GMT
server: ECS (mic/9B12)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b0394910b6f1f488
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 6c09a97d6f7e271f6d817e764a7d0ff284ae23b35d34df6e8435da3167c3f170
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 203ms
34ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B5D) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:08 GMT
Content-Encoding: gzip
Age: 899
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (mic/9B5D)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 pre-loader.gif
buhitter.com/img/ 4 KB
4 KB 56ms
55ms Image
image/gif 2606:4700:20::ac43:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buhitter.com/img/pre-loader.gif

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/author/tapfantasy2021
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269695
content-length: 3649
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
server: cloudflare
etag: "65acf187-e41"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vXXWINva8CEiN7xAcc7DUOUSZj6kRYdjq7j2hUQXPIAqqj8cW5Pgq1XHDjK7TZxQ7nQ7wLLIYUd0Tcecx%2FCaZV8AydB0J4ia2WiZ%2FtHZt3hwJC25M66ewrksMhqJsWXcqtef4R8FcZ3%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 87368fd65e2d7421-MIA
expires: Tue, 16 Apr 2024 19:18:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
78 KB 211ms
77ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2462a17ca3eeea7ab9eaed50eaa069a5f632c6238ba46194a790454283ae0e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79722
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 22:13:08 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/ 445 KB
139 KB 61ms
59ms Script
text/javascript 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af1756f799fa1cf1e916300956ffdf5702fa3c5abc2c420d12fbe249b2362bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 21:47:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1560
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142404
x-xss-protection: 0
server: cafe
etag: 14799552697149998396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 12 Apr 2025 21:47:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
96 KB 80ms
79ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee3a9ac32738ca953e7782d30e93ccb6ae2fb36db13e56e9bbf05598823a62a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 22:13:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 199ms
58ms Script
text/javascript 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 20:48:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5082
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Apr 2024 22:48:27 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
159 B 72ms
71ms Ping
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je44a0v886998702z8811964994za200&_p=1712959988465&gcd=13l3l3l3l1&npa=0&dma=0&cid=89834220.1712959989&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712959989&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&dt=tapfantasy2021%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2040
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 kv
pa.adingo.jp/ Frame 0
0 648ms
205ms Preflight 52.192.231.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.231.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-231-173.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buhitter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Accept, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Fri, 12 Apr 2024 22:13:09 GMT
server: nginx

POST
H2 200 kv Show response
pa.adingo.jp/ 408 B
638 B 206ms
206ms XHR
application/json 52.192.231.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Requested by: Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.231.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-231-173.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Apr 2024 22:13:09 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept, Content-Type
content-length: 408

GET
H2 200 9176203 Show response
fundingchoicesmessages.google.com/i/ 180 KB
60 KB 284ms
110ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/9176203?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

95c10c2438d1a4bbd006158af7cd0ee59862d45f62f67afe882f9e70e80d3964

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_oFSMMGTaHaL3kq-e9KZSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:09 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-_oFSMMGTaHaL3kq-e9KZSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhHo6vj59tYBPYsHLbDkYAA-wrqw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK latest-version Show response
fam-8.net/ad/p/ 41 B
494 B 822ms
204ms XHR
text/html 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/latest-version
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:11:32 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 41

GET
H/1.1 200
OK pjs-1.0.3.min.js Show response
fam-8.net/ad/js/ 15 KB
15 KB 816ms
204ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:10 GMT
Last-Modified: Wed, 14 Oct 2020 06:13:36 GMT
ETag: W/"14916-1602656016000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 14916

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 67ms
66ms XHR
text/plain 2607:f8b0:4004:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1505920646&t=pageview&_s=1&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&ul=en-us&de=UTF-8&dt=tapfantasy2021%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1728246895&gjid=1806184362&cid=89834220.1712959989&tid=UA-115935434-1&_gid=22488436.1712959990&_r=1&_slc=1&gtm=45He44a0n81WH4L999v811964994za200&gcd=13l3l3l3l1&dma=0&z=237764650

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::65 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 194ms
77ms XHR
text/html 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gtxvHVrsAtw.es5.O/am=wA/d=1/rs=AJlcJMxdQ9PS5_VTfREj_WTz4wHQE0TUEA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zV9zhCOB8P0jlFsNr-SsaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-zV9zhCOB8P0jlFsNr-SsaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1iDgFiIm-Pb42cb2AQ-vLhaBgDA-A04"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUUQQ2gOvaAh-HizKFXU9qvqH_OrTaOYdlJNflHX-1sENpRShr7or72wHS831BL6eoq19sbZVCQB9pb8XQH1Cfrc-6Tcw3xJ4i9XxytBLRNm73D-E0qlh8rH838mdZBkFiwEOxTow== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 114ms
113ms Script
application/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUUQQ2gOvaAh-HizKFXU9qvqH_OrTaOYdlJNflHX-1sENpRShr7or72wHS831BL6eoq19sbZVCQB9pb8XQH1Cfrc-6Tcw3xJ4i9XxytBLRNm73D-E0qlh8rH838mdZBkFiwEOxTow==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5OTkwLDk1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2J1aGl0dGVyLmNvbS9hdXRob3IvdGFwZmFudGFzeTIwMjEiLG51bGwsW1s4LCJndHh2SFZyc0F0dyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFs3LCIxIl0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

281c48aadf7418c3bcea2472a4f8b7d54f75ed7a07202a289bb0442cbb0652f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jc-2LPAQ5d-hakb--vvSYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-jc-2LPAQ5d-hakb--vvSYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo5vj59tYBPoWPHMFwDXXCtE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 268ms
65ms Script
text/javascript 2600:9000:2511:4e00:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:4e00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 12 Apr 2024 08:27:56 GMT
Via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P6
Age: 49515
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: IYieoKpv2gw9CvDgT3NldI_eXbP_TgQIAlp8iOrq_5ir2pLRX5StNg==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 261ms
114ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Apr 2024 12:20:57 GMT
server: nginx
etag: W/"661532a9-a5c1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Apr 2024 22:13:10 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 175ms
79ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Mar 2024 11:38:58 GMT
server: cloudflare
x-amz-request-id: 49F294GCGYSPNTPY
age: 764
etag: W/"7ceb45871763bd74cf4140e0b5fe846a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 87368fe30e50a4c8-MIA
x-amz-id-2: uSUHkV5SoIAANN/OXxqSBxVoiWAh4UytkqRSZGOVRTkp+Y63RPtbCuLrCcH/r5DS4QImzJ+MQ4o=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
902 B 129ms
34ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 12 Apr 2024 22:13:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 20561
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 133 KB
26 KB 573ms
573ms Fetch
text/plain 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3796427455065397&correlator=694656101874329&eid=31079956%2C31082679%2C95330209%2C21065724&output=ldjh&gdfp_req=1&vrg=202404090101&ptt=17&impl=fifs&iu_parts=62532913%3A22479333033%2Cp_buhitter_970x250_title_28273%2Cp_buhitter_300x250_kensaku-1_28273%2Cp_buhitter_300x250_kensaku-2_28273%2Cp_buhitter_300x250_footer-1_28273%2Cp_buhitter_728x90_overlay_28273&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x250%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1712959990116&lmt=1712959990&adxs=-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&url=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=89834220.1712959989&ga_sid=1712959990&ga_hid=1505920646&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRje0vyi7TFIAFICCGQSGQoKcHViY2lkLm9yZxje0vyi7TFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3tL8ou0xSABSAghkEhkKCnVpZGFwaS5jb20Y3dL8ou0xSABSAghk&dlt=1712959988193&idt=894&prev_scp=pa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok&adks=1724631948%2C403046175%2C1878229315%2C3801214374%2C3238850784&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

baa0c25300b8db270e586913b57e51bcf0a699ee181260e98b813dc19a80abc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26800
x-xss-protection: 0
google-lineitem-id: -2,5734155481,5734821323,-1,5734823039
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138355405894,138355406017,-1,138355061403
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DA45 0
0 206ms
61ms Document
text/html 2607:f8b0:4004:c17::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:13:10 GMT
expires: Sat, 12 Apr 2025 22:13:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
344 B 202ms
68ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115935434-1&cid=89834220.1712959989&jid=1728246895&gjid=1806184362&_gid=22488436.1712959990&_u=YADAAEAAAAAAACAAI~&z=1186815636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 22:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 446ms
144ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhitter.com
date: Fri, 12 Apr 2024 22:13:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 581ms
448ms Image
image/gif 142.251.163.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115935434-1&cid=89834220.1712959989&jid=1728246895&_u=YADAAEAAAAAAACAAI~&z=948757547

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 0DE4 0
0 198ms
59ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:13:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 333764
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 __load_ad Show response
fundingchoicesmessages.google.com/f/AGSKWxUlAx1UDUrhoz-zVF6ScFlDSJJLl4_ubUley6eDyQlgG1Rp5Fcz2LaANyigL1k_nPCiBV8WRHAeIfruuRf5Ji-X4-qsNk2OQkvTOQ5uTDpMqCJoZYLIQZUI0aJBA2kPHSAFP-DhXncAfI1SxU7v5ZVIOK_CT... 54 B
110 B 80ms
80ms Script
application/javascript 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUlAx1UDUrhoz-zVF6ScFlDSJJLl4_ubUley6eDyQlgG1Rp5Fcz2LaANyigL1k_nPCiBV8WRHAeIfruuRf5Ji-X4-qsNk2OQkvTOQ5uTDpMqCJoZYLIQZUI0aJBA2kPHSAFP-DhXncAfI1SxU7v5ZVIOK_CTQYEBrpt87DKnPGiWJ_0V9Luz9NaV9KO/__load_ad?_images/ad..480x60-/davad_ad_/ad3.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.gtxvHVrsAtw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyBxmp7JA_YqEpeY2I7xSTHeKI8yg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

fcc2733b5755b770b14adf00b06fc30a08cb9d562e3329dd895dc2b47e057783

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-idPaffTWJyT-a-udRmEKZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-idPaffTWJyT-a-udRmEKZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmJw1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZALPH1JZMaEMc8n86aAsRO6TNYA4DYp34GaxQQt948xzoZiE8uOM96EYiT_p1nLQBiIR6Ob4-fbWAT-HG6Yy0zAP1yMNA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 204ms
62ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

83c5190536a91c27cb47ff9d671f0e992cd9328ed13913920653a9c65140d580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 21:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11532
x-xss-protection: 0
server: cafe
etag: 5275273590851134888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 22:30:06 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yri9WOHgFMSQAFtwSWkz9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-yri9WOHgFMSQAFtwSWkz9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBiqGV4xtQKxE7pM1iDgFiIh-Pb42cb2ARunLu8hhkAzNgNNw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uP8BFZf5ogwbUuCMNNWRFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-uP8BFZf5ogwbUuCMNNWRFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1iDgFiIh-Pb42cb2AQe3JxyiRkAzakNOA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 633 B
1 KB 615ms
207ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35206&_jsasync=1&_ref=&_nocache=1712959991018655110
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: fc2794671f0e81bf218b0f513ebf416057e6255e3e510e7cbfdc8ea591618f95

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:11 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 633

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 630 B
1 KB 823ms
207ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35207&_jsasync=1&_ref=&_nocache=1712959991020694969
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 7a05f4196ba06d48b47b4241117ad1c3f87551581248a97e32c7d1ca8e49f9b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:11:34 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 630

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDE8 0
0 116ms
116ms Fetch
image/gif 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKF64__uDS1_P3jfqqZDVba57nm3RjDVNbfBxb6dLeqcqBuGdWKv9lNRiF4XMh7061dB2AcMM0qEhhkuwUiFULUWcGt8PkFuSq-CxSWTU-8EeKZc7TgtMqk3gL20Yzg2SvrpaMI3fHYeRWtITC1AjGZ8MHPAhP2lpDUq-eVnNFgAHFq14rkNZFS17cYTxUCnB79ya8ZaHM24W1oxWFAvdK6LsPDYzpjY2NZZFe9zkRiea1R695Xs8GqmbsGeTSoOrJLUgKnHiA4RCLCm7v_rVgQ_DyDWQS9jWAgI6zNs3nCO_yrCkUzgZxmMKVZwE2VwnYoe97W40Mrg8mm0QdnMh8MAyyvzpL86JIu2xtaFDFo13u1olgU7RqKOrjWwiXS587Fb06Xo1Nzg&sai=AMfl-YTgwXJeDVf6rbzEPAtb2ETiLBQFP6BJKZCprUQkvrbPZe7qOQhi4x9InDKIVvjvnU6Mh_xZENcStK2cXZZMCPbNjm7-K-ceJRUNOh7pbROOaMu-MGgOAjP3Jf-cG1JWTVhkieKNX1dphkB__PJDc3Kv&sig=Cg0ArKJSzLlrGy_IuiN8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Apr 2024 22:13:11 GMT

GET
H2 200 p.js Show response
pdn.adingo.jp/ Frame CDE8 69 KB
17 KB 224ms
73ms Script
application/javascript 108.139.47.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-12.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f28454ecc4cd5778641a83872fbb4563ebb174e86c5a5581d0dd6e7b1c0d523c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:51 GMT
content-encoding: br
via: 1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
x-amz-version-id: UlaQDUunxdjz6OFewMD_De60PaTsjK._
x-amz-cf-pop: JFK50-P1
age: 81
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16795
last-modified: Mon, 19 Feb 2024 05:05:12 GMT
server: AmazonS3
etag: "d309e1378bbeaa67d8df089b89647344"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: pakzKLzID08GMJ3IZogi1B_s7MvVbrVT34wJ1Hvugo3mFjrjHiRMqw==

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CDE8 214 KB
65 KB 63ms
63ms Script
text/javascript 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

d6d0cdd93a3211b3770f16ed7a3a70cfe1aa1fd67f50f50bf64a1014abe9efb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:03:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66580
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Apr 2024 23:03:05 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 33D0 0
0 133ms
35ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbuhitter.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B22) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1609724
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 22:13:11 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mic/9B22)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gSOWFhwR3I5tGCunrABSkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gSOWFhwR3I5tGCunrABSkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1iDgFiIm-P742cb2AQunL_uDQC_rQzU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rFNXQTh3O5FuaqjzBohVLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-rFNXQTh3O5FuaqjzBohVLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBiqGV4xtQKxE7pM1iDgFiIm-P742cb2AQOzD_rDQDAVQyW"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW7LRhnnlLwsyQk3cMpq89ucteOyH2FEl--3YV-PfjvEoPMYz_LzzhrVogrwFbWgHwHWxpHokjhhV2zJJJXdd73-aX4gXj-6s-VzwQRYUVjRE6TEh_Si2ejcNQIMC0Sc6kANemauA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 95ms
94ms Script
application/javascript 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7LRhnnlLwsyQk3cMpq89ucteOyH2FEl--3YV-PfjvEoPMYz_LzzhrVogrwFbWgHwHWxpHokjhhV2zJJJXdd73-aX4gXj-6s-VzwQRYUVjRE6TEh_Si2ejcNQIMC0Sc6kANemauA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5OTkxLDEyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL2F1dGhvci90YXBmYW50YXN5MjAyMSIsbnVsbCxbWzgsImd0eHZIVnJzQXR3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

ef12a23dc3bbbaa9c5f6eebd72c63b5d37a345b118ad3eaca646c9fc4c549991

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aG411Mpv3WZneqlh2OTjMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-aG411Mpv3WZneqlh2OTjMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxoQxzyfzpoCxE7pM1gDgNinfgZrFBC33jzHOhmITy44z3oRiJP-nWctAGIhbo7vj59tYBO4sG53BADXwCtm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 oCp2wGbN_normal.jpg
pbs.twimg.com/profile_images/1610119721285996544/ 2 KB
2 KB 41ms
33ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1610119721285996544/oCp2wGbN_normal.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9ACD) /

Resource Hash

ad01ddd67a80bc0e796393526298c69c2c38fbe1ede7bb1bb5cd4849d7f914b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 476431
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2339
x-response-time: 8
surrogate-key: profile_images profile_images/bucket/1 profile_images/1610119721285996544
last-modified: Tue, 03 Jan 2023 03:41:50 GMT
server: ECS (mic/9ACD)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 42e2ec618929d030
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 224efdfaa2554c01b8f8ed15e7726445eedbe27fc82b569430bc1749677ae056
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fa0Lmp3aIAA_ohP.png:small
pbs.twimg.com/media/ 604 KB
605 KB 710ms
703ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fa0Lmp3aIAA_ohP.png:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B4F) /

Resource Hash

04b9e1a2ef56744437270b940a845670b47b4c7cf98727e7e686bfb3563ffaba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 618960
x-response-time: 650
surrogate-key: media media/bucket/9 media/1561917404468617216
last-modified: Tue, 23 Aug 2022 03:23:02 GMT
server: ECS (mic/9B4F)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 3f5148ad088847f1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 7b7608bbd32a025f93b5f61fb25de0bf15a1d6959d4f1e1a6bd624f51347b98d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fa0LmpuaAAA7jos.jpg:small
pbs.twimg.com/media/ 64 KB
64 KB 200ms
193ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fa0LmpuaAAA7jos.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9ABC) /

Resource Hash

2118fb2f05909732033e80475dd50ebcc81b3420cb49596f453734dada45c3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 65729
x-response-time: 110
surrogate-key: media media/bucket/5 media/1561917404430860288
last-modified: Tue, 23 Aug 2022 03:23:02 GMT
server: ECS (mic/9ABC)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 29ee4a2e0b863ef7
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: ddefcec04800c12a804a6c4d0a4b599b062825a3524d3ecea8f9e92d5bb9a5f3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fa0LmpyaAAIbAwQ.jpg:small
pbs.twimg.com/media/ 52 KB
52 KB 404ms
397ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fa0LmpyaAAIbAwQ.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9A9D) /

Resource Hash

5eb45395b7387746fa724be3708c89c24c68faae4d4b496c05df228d7c2d4dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 52981
x-response-time: 342
surrogate-key: media media/bucket/0 media/1561917404447637506
last-modified: Tue, 23 Aug 2022 03:23:02 GMT
server: ECS (mic/9A9D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: b6e51963b72459c9
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 9cd040f60bd013f45f5ef0191ce4b467310f216c1150e722e1d70506be688d63
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fa0Lmp1aIAAwzYl.png:small
pbs.twimg.com/media/ 2 KB
2 KB 94ms
88ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fa0Lmp1aIAAwzYl.png:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B12) /

Resource Hash

84e4c7552adf4a55c4c8fa9c54c805e0ff1ce77bf567c48e9ecb05cfb029acce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 2376
x-response-time: 34
surrogate-key: media media/bucket/8 media/1561917404460228608
last-modified: Tue, 23 Aug 2022 03:23:02 GMT
server: ECS (mic/9B12)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 346c77cb269820f2
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 7f3708d5b7ef78d0a231493832000236fa060ef52de4046b6830d4de8592f645
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FaMrOy0aQAMi4Ns.jpg:small
pbs.twimg.com/media/ 47 KB
47 KB 285ms
279ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FaMrOy0aQAMi4Ns.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B12) /

Resource Hash

86785598d392b7a39e2c2b357f761e46818a60af630699936b50f02df5cd6331

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 47988
x-response-time: 225
surrogate-key: media media/bucket/6 media/1559137429160083459
last-modified: Mon, 15 Aug 2022 11:16:25 GMT
server: ECS (mic/9B12)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 26a2d972c5ff9b97
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: ac52dd684587ecccfa2c2bf7a32ba1eaa75fddf62d4a27c43d71d52c92ce8cad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FaMrQHxaIAEnD9a.jpg:small
pbs.twimg.com/media/ 42 KB
42 KB 287ms
281ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FaMrQHxaIAEnD9a.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9ABC) /

Resource Hash

bee02aac0680dd00a14380f278998f7db132ce2677089d556f2b0048f4506d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 42742
x-response-time: 225
surrogate-key: media media/bucket/6 media/1559137451964506113
last-modified: Mon, 15 Aug 2022 11:16:30 GMT
server: ECS (mic/9ABC)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: acfb4c28ee9ec08a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 3cfcf3de605ed431b472f97cd57fe89a3ba291cd1b663b1facb54b241be47bff
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FaMrSA4agAA8Mq9.jpg:small
pbs.twimg.com/media/ 44 KB
45 KB 283ms
277ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FaMrSA4agAA8Mq9.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B4A) /

Resource Hash

34d95e4dcbbfb3cad000498a264a8b43139df66add80e8c3dd8ecb528598f2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 45378
x-response-time: 221
surrogate-key: media media/bucket/7 media/1559137484474580992
last-modified: Mon, 15 Aug 2022 11:16:38 GMT
server: ECS (mic/9B4A)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: daedc7930f221898
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 467fdf3afac3911c528bc013710ac7f0c31cae055022a4bf15c0aea750a2b124
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FaMrShqacAITs6W.jpg:small
pbs.twimg.com/media/ 79 KB
79 KB 372ms
366ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FaMrShqacAITs6W.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9ABD) /

Resource Hash

5bbab6fe881d24cb23d6a752456c99dbefaf2a70271643cadcae675f954d31af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 80561
x-response-time: 312
surrogate-key: media media/bucket/7 media/1559137493274226690
last-modified: Mon, 15 Aug 2022 11:16:40 GMT
server: ECS (mic/9ABD)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: bc62a97d6d6bb482
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 30c8301bf4231067de097e88baf68b03afe629bfff9e72e898e3299b3596b57c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZs0NY5aMAAWH9-.jpg:small
pbs.twimg.com/media/ 37 KB
37 KB 407ms
402ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZs0NY5aMAAWH9-.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B61) /

Resource Hash

61efc1491b680ee5e010e68ed2aad215ded25c971dbf33aaa9b2bf185c665294

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 37657
x-response-time: 344
surrogate-key: media media/bucket/1 media/1556895500812824576
last-modified: Tue, 09 Aug 2022 06:47:47 GMT
server: ECS (mic/9B61)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 5181fb073c23aaa4
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: bfd7fae1a50e0dcc9fcc2618ce8a623a477f9eff07363dd64a146a5a349d1e02
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZs0OzuagAE1XZH.jpg:small
pbs.twimg.com/media/ 41 KB
41 KB 542ms
536ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZs0OzuagAE1XZH.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9ABD) /

Resource Hash

96de07008c0ca2aed243c22da32f3c2f9c52e639185532415e7e28bea101b598

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 41745
x-response-time: 451
surrogate-key: media media/bucket/6 media/1556895525194334209
last-modified: Tue, 09 Aug 2022 06:47:53 GMT
server: ECS (mic/9ABD)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 23d0358016b20a56
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 67bb560b704012df1d2ed4e8242457bf40260236dbb14aa115ae04a36fef77a6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZs0QAEagAAWMEC.jpg:small
pbs.twimg.com/media/ 91 KB
92 KB 208ms
203ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZs0QAEagAAWMEC.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9A89) /

Resource Hash

b2d13203aa68df6fe5ff66a22d425616d1938aff5ccb21cc989057982c445ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 93521
x-response-time: 117
surrogate-key: media media/bucket/2 media/1556895545687703552
last-modified: Tue, 09 Aug 2022 06:47:58 GMT
server: ECS (mic/9A89)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: ea120074ebf11f4d
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 430d0200d224197d59eee72d0f9146f7d94576e1925a6dc7636e1c63181a7972
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FZs0_dBagAUk5Qk.jpg:small
pbs.twimg.com/media/ 107 KB
107 KB 234ms
230ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FZs0_dBagAUk5Qk.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9AF8) /

Resource Hash

17dea17b56145e2aa33bc06e9344a16f4542b39c1d9dc9fa5cd1b74a030eaa12

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 109402
x-response-time: 118
surrogate-key: media media/bucket/5 media/1556896360913600517
last-modified: Tue, 09 Aug 2022 06:51:12 GMT
server: ECS (mic/9AF8)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 54fccb12c478e638
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 9bd49de36314b4f52a7a10fc69f8710b9087f383fa0adf5e98838106d83cee41
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 PD7F9kxjyLI-0I2j.jpg:small
pbs.twimg.com/ext_tw_video_thumb/1505030162726932483/pu/img/ 80 KB
80 KB 161ms
156ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505030162726932483/pu/img/PD7F9kxjyLI-0I2j.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9AE3) /

Resource Hash

8e6ecb3407a8c377b1f33624297fbf26411570e968e5baee9a80bb9bebd59673

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 81838
x-response-time: 71
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/1 ext_tw_video_thumb/1505030162726932483
last-modified: Sat, 19 Mar 2022 03:53:27 GMT
server: ECS (mic/9AE3)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 5aaab9b478c613ca
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 00c0cd1bf9cf52e7bde092c7d8049c86363af17adf5f59a7a0ce1f829d32ad32
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 kXYzoXw-lptfSBuE.jpg:small
pbs.twimg.com/ext_tw_video_thumb/1499272024073465856/pu/img/ 80 KB
80 KB 430ms
426ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1499272024073465856/pu/img/kXYzoXw-lptfSBuE.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B34) /

Resource Hash

8e6ecb3407a8c377b1f33624297fbf26411570e968e5baee9a80bb9bebd59673

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 81838
x-response-time: 338
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/8 ext_tw_video_thumb/1499272024073465856
last-modified: Thu, 03 Mar 2022 06:32:40 GMT
server: ECS (mic/9B34)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 8557de465e5d4873
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 290c60f948fd0f69b818a9feb312b0e8bca53599f9b80f1a1f1030d33f52e636
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FJc_3cjaIAcrT69.jpg:small
pbs.twimg.com/media/ 67 KB
67 KB 237ms
233ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FJc_3cjaIAcrT69.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mic/9B17) /

Resource Hash

ad84d2a23089e4f99320ca315bbb2a32854eb80a908c02b44893436a46ab3f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 68455
x-response-time: 137
surrogate-key: media media/bucket/0 media/1483724824031928327
last-modified: Wed, 19 Jan 2022 08:53:38 GMT
server: ECS (mic/9B17)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 1d92f7c03ac03d7c
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7469935968
x-connection-hash: 07c88e3084fbf6a52228ea8a3d75f3cf736bfa2b999adb4165275b6f61eb4e95
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDE8 0
0 252ms
120ms Fetch
image/gif 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CDE8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe5ebf9669f439ee9e7acc611a740a48ffeadc84ab2cc02bbeee892930dbd22e

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVSBjbJD3iVC4luYx0fJ-Z8HAh_f-KwL8wjTZOiU7SfmC0II9rPXSFfCgvZvDE9DaCktFP9W2Zz-Ye-jpa74CnkKuoJMSYF4PZNVxTH3qvqppJdW7y8YPAF9jrLxx7-cI4D3NBwIA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uRWOrTvR3XkXZy8lpPPZiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-uRWOrTvR3XkXZy8lpPPZiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBiqGV4xtQKxE7pM1iDgFiIh-P742cb2AQ6TvTPYwQAypUMkA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXoCizlG1c0ITBSeWk_EIRFjU-JlFs0N-Zh_ajILMm5CJBKKDucIXt5L_JrtPOf--6XDIRzToTluDWTilt7M_y80X4YyubwDAHkTVrbzfkPuLcnMUtmbH7YBRxhrVJLwKu5TBKgbg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 89ms
89ms Script
application/javascript 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXoCizlG1c0ITBSeWk_EIRFjU-JlFs0N-Zh_ajILMm5CJBKKDucIXt5L_JrtPOf--6XDIRzToTluDWTilt7M_y80X4YyubwDAHkTVrbzfkPuLcnMUtmbH7YBRxhrVJLwKu5TBKgbg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEyOTU5OTkxLDI5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL2F1dGhvci90YXBmYW50YXN5MjAyMSIsbnVsbCxbWzgsImd0eHZIVnJzQXR3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjEiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMiwiW251bGwsW251bGwsMSxbMTcxMjk1OTk5MSwxNjkzNDIwMDBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

5ad45ed1f840eff13adb6cec6a98824f71dc479ba2770f3a3aa63b33b71416ff

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2Vmitc8n6ow8BmGEU-P0PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-2Vmitc8n6ow8BmGEU-P0PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1JBiUAzbyXTy1m2mi0B83ukO03UgrmV4xtQKxAYaz5ksgFji60smNSCOeT6dNQWIndJnsAYAsU_9DNYoIG69eY51MhCfXHCe9SIQJ_07z1oAxEI8HN8fP9vAJvBi57yljACAxjHx"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame CDE8 43 B
285 B 202ms
58ms Fetch
image/gif 44.194.254.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=fluct_uid&id=6b02324e-d678-49ee-b003-45ba93a370ac
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.254.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-254-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Fri, 12 Apr 2024 22:13:11 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDE8 0
0 232ms
118ms Fetch
image/gif 142.251.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMkjy6AAYfRlUgcGPF66Dc9cNO4X6XkiBpvHNRh09wb6JmRmK8S7S2yA_UOK8TxSuEVFiKsj6vJ2bCOvdMsR68pKZZbIkCsVAnDHFeJmDoMOhx8I0Tq3jviv3oA8CEr1uWE4iptodfwTOqBEA-L5bJic7fyEaB_SvfKakJ2SEFe_j9oLcNAKJwtqCJyDPJIT3qDfB3ySaqmhLDvLtcmUQGJLAc1l3elQAxdGVPAEISbKv0JxjtIihkOvQcnDegRth2PHES_kgRs1KmDpqZQRq7DoVlYcF_C3CkremH-v40aamVl7TWmOF-lRA1uI03CYfT7tR5XwC4sxSWqlu5MF2o1IdVjs0Sdhbxl9YW6R_U_oGUtQVAS68rDwzMKrSqQevTZf-3H3XD0NQn&sai=AMfl-YQ3MU9mgy2FfKfieRwXpDQNvSc0hO82q5SWczztHyX6pGr0qpl3whVxAptG65o-GNan9JCjxa8DDIz732cXYP-iBNnbTJ8J9xWU8FB2LAmLFvWg_cNBpeTahj2cE2sa3Kxc51geS90UEJAvSsym7qgn&sig=Cg0ArKJSzGlYyG6pFselEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 12 Apr 2024 22:13:11 GMT

POST
H3 204 AGSKWxWl1L5YDjARg6XB-0dvcpntdhDXBSctyj0bIYKElOKnTZlUpP2tM7BwTUUKgAmh8nrwCbq9oMyl-VXXYbPa3Fck1Ez4x5ZS0MTJuK9iwtKjui1PLQCaI4mosDRJXc9fQ489W3-SMg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 75ms
74ms XHR
text/html 172.253.115.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWl1L5YDjARg6XB-0dvcpntdhDXBSctyj0bIYKElOKnTZlUpP2tM7BwTUUKgAmh8nrwCbq9oMyl-VXXYbPa3Fck1Ez4x5ZS0MTJuK9iwtKjui1PLQCaI4mosDRJXc9fQ489W3-SMg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zaZvEAnxInPsjK0ulokKKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 12 Apr 2024 22:13:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-zaZvEAnxInPsjK0ulokKKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1iDgFiIh-P742cb2ARWbN5ynhEAywgM7A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
sh.adingo.jp/p/ Frame CDE8 3 KB
1 KB 762ms
319ms XHR
application/json 52.69.202.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/p/?G=1000134479&href=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&R=&serial=53638898204625&guid=ON&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=6b02324e-d678-49ee-b003-45ba93a370ac&ch_pv=10.0.0

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.202.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-202-8.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

02d4bcf4290f05be6fa6dce59cdaa497defee5c2d70098c8a9a815e9f8763861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:13:12 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buhitter.com
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 37ms
35ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B5D) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:11 GMT
Content-Encoding: gzip
Age: 1609712
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (mic/9B5D)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
platform.twitter.com/widgets/ Frame FDA9 0
0 35ms
34ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mic/9B5D) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1605669
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14249
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Apr 2024 22:13:11 GMT
Etag: "c991f3ffcb9c7623e2755ad4e86921b5+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mic/9B5D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
293 B 151ms
53ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1712959991573%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=63d8846fd55497dcdd4fba75f32488106f192fd8

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Fri, 12 Apr 2024 22:13:11 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 12 Apr 2024 22:13:11 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 93b30473ad72d242
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: c9b9798289c79f355705e1f3e20c34c6637210a8861a49393af7991e20f86e55
content-length: 43

GET
H/1.1 200
OK 28632_600x500_026_n8.gif
img.fam-8.net/pic/124/ 984 KB
984 KB 1242ms
206ms Image
image/gif 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/28632_600x500_026_n8.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: 617dcf106e75852cef1920eb1c69683b572e30586c6c642edc6fb0fb4bcee528

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:15:54 GMT
Last-Modified: Mon, 11 Mar 2024 07:52:37 GMT
Server: Apache
ETag: "16314c8-f60f4-6135dd33adb40"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1007860

GET
H/1.1 200
OK 27864_600x500_019.gif
img.fam-8.net/pic/124/ 1 MB
1 MB 1018ms
203ms Image
image/gif 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/27864_600x500_019.gif
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: 40cbe058a0a79b49d27391f1b0be3eda2171fae634485b294a4ffd695a26a849

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:15:54 GMT
Last-Modified: Tue, 26 Sep 2023 05:51:02 GMT
Server: Apache
ETag: "16313e6-17e41d-6063ca8ea5d80"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1565725

GET
H2 200 pmt.js Show response
dmp.im-apps.net/pms/r7RdVKlj/ 6 KB
2 KB 244ms
68ms Script
application/javascript 2600:141b:1c00:19::17c8:5823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:19::17c8:5823 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .uxXyX5lCDwpBVGcpPS7Nf3Xzhh245vK
content-encoding: gzip
date: Fri, 12 Apr 2024 22:13:12 GMT
last-modified: Tue, 24 Aug 2021 11:51:36 GMT
etag: "2af1afff2612b7de3cca7767700b4b41"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1994
expires: Fri, 12 Apr 2024 23:13:12 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame CDE8 83 B
323 B 173ms
57ms Script
text/javascript 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7c57696af20d582384167efccfd020b3b57e7beed192600ebe0114b74c063086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 705373
expires: 60

GET
H2 200 2.js Show response
pdn.adingo.jp/p/792ea09/lib/tpl/ Frame CDE8 10 KB
3 KB 64ms
64ms Script
application/javascript 108.139.47.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p/792ea09/lib/tpl/2.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-12.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:05:36 GMT
content-encoding: br
via: 1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
x-amz-version-id: qQx6d_d_3oce0FQT7rFDTC3ZDKAk6Tb9
x-amz-cf-pop: JFK50-P1
age: 457
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2521
last-modified: Mon, 19 Feb 2024 05:05:12 GMT
server: AmazonS3
etag: "ecac6ddf3848b63047e413971eeec941"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: SfL_d9qmxPI75tIdSx8zWHyoW_-9he1kFcS5-rldVqD8mtND-vwtww==

GET
H2 200 j Show response
j.zucks.net.zimg.jp/ Frame CDE8 8 KB
4 KB 219ms
62ms Script
text/javascript 108.138.128.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://j.zucks.net.zimg.jp/j?f=512731

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.128.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-128-123.jfk50.r.cloudfront.net

Software

Resource Hash

fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Apr 2024 22:11:02 GMT
via: 1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
age: 109
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: 1K4mIz3w-SaPJfEMv7LqcV2sdyppuEmyloZeEYixEXLeUQ8A-pxWUw==
expires: Fri, 12 Apr 2024 22:16:22 GMT

GET
H2 200 / Show response
i.adingo.jp/ Frame CDE8 43 B
408 B 641ms
206ms Fetch
image/gif 43.206.43.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.adingo.jp/?p=2kE-DxcJwvJsvtDxR-lRN5ylawXTM_TqTfuCVNJ_374Ndznb5ToSwFak9WjyPMfto25__3m1JyjRN8-Uyc_Gnbd9E_CiLFc42w-yLdY_guqJfWxUzMxVcEauikP3--jqlq3rAjZmwoLJgLzYam8Ty9_Sv1pC1GnKwI7znHaAlg9gom6bj4Ifv-ozmHS979h2S89oQn8iMJKg0gvUkYNW2E6UP_hmSvJmQEjwevunUglPGhViAI8rfq0BIhIcd_Z3nuGjrHnYw4MMqgwl1eDGMHmBIph7mPph72_kHdJsNT8JFs9YqhA_qNh8btD1rdX2dEymONDnq0_vdX6LNv80IMAAwNGHHeOrjiZcg21jrSMUGEqkJ_CX6d-fB6sbqTvFT6RxEIsR8IMeCQ..&k=3&v=Y4txrqp4mUP_H2qg
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.206.43.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-206-43-189.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:12 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 close.svg
pdn.adingo.jp/asset/ 668 B
1 KB 63ms
62ms Image
image/svg+xml 108.139.47.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdn.adingo.jp/asset/close.svg
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/tapfantasy2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-12.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 18:04:08 GMT
x-amz-version-id: 7qBAwFuOoHzgELydSqd2hmdq7ZZs2PZj
via: 1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 05:05:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 14945
x-amz-server-side-encryption: AES256
etag: "2a92048396f5f7ce7cf36f6049b46107"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 668
x-amz-cf-id: Iw97NnuhA2en5jf4vLjdGq6Y1KNWLE6Viu8rT5XTT_0t5-uE5ZhjoA==

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame CDE8 43 B
284 B 58ms
58ms Fetch
image/gif 44.194.254.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=criteo_rtus&id=WKVIZlVosGGUuP0qES_QNDiLcGuWWJD3
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.254.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-254-43.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Fri, 12 Apr 2024 22:13:12 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 7 KB
3 KB 69ms
68ms Script
application/javascript 2600:141b:1c00:19::17c8:5823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:19::17c8:5823 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4dMO94qwEHYQtvUAVFuyqQQu4HVB2tjC
content-encoding: gzip
date: Fri, 12 Apr 2024 22:13:12 GMT
last-modified: Thu, 11 Apr 2024 07:42:11 GMT
etag: "72e16b9479224b45c74655a798f93cb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=2475
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2699
expires: Fri, 12 Apr 2024 22:54:27 GMT

GET
H/1.1 200
OK segment Show response
sync6.im-apps.net/ 35 B
318 B 452ms
229ms XHR
application/json 2600:141b:1c00:22::1730:e06f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/segment?token=X19pbV9zaWRzMg
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:22::1730:e06f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 22:13:12 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H/1.1 200 v1 Show response
sh.zucks.net/opt/multi/json/api/ Frame CDE8 670 B
2 KB 878ms
210ms XHR
application/json 3.115.171.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/multi/json/api/v1?f=512731&rnd=641890632&sw=1600&sh=1200&touch=0&num=5&ref=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&chm=&chpv=10.0.0

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.115.171.164 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-115-171-164.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

5064db5bd21b03a99d31a95335d723533bf7decda7c310b41303f8e945c6b81d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:13:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:13:13 GMT
vary: accept-encoding
transfer-encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 294ms
207ms XHR
application/json 2600:1901:0:e207::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01HVA5YCP4045PJKQ1SGX5AGC9
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://buhitter.com
date: Fri, 12 Apr 2024 22:13:12 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK / Show response
k.zucks.net/i/ Frame CDE8 2 B
741 B 855ms
207ms XHR
application/json 3.112.148.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k.zucks.net/i/?k=ZGOK&p=Fdinj9qm43MJhnat1QsDyCwVJqo_ESToZBLPVE_oXh4-Jqmb3jtvj3arzPgkAcXaeW9wgBOc7V5pRZO-3-sChfHhuVcotXZNsxAQSxB56EQ8kZt6dT-AoKRx0k9SdBTAwzHVsv5nlwoP0Frg8vFQseOcktQxd3L6W0oHp3giPS7zuFRzS1pcIj2OKlaSpsoDh1mJPUmHizWnvQqTr9YxSQ6SA_tGCq6kgDaTGxys3N29pTkbaDj5y1S8BO5E2DA9OI3mR5SpHXC6BarAOPdaGoIsi_eSDHCisJFJEaoG7x-EQzx7JnMnKu8k9KO8rp9naqWeEYAvPmcIRIc6HkolA6_pEvs27yCAXlYaPSXKLMRVAqZTswMiAEFaYxtWbz-aYiLND51K82p5mjqyx0JAlv-P_Bs7bALj3eSDNUxLZXgevxn2rGdchLqX_CB_BMj9HBScBV5ljgWghNm2Yunns4y1cqQQHPKDRZd7LORECFVZVRrF5he76eRaKY6CIdEdDsNLp8ms5RvElOPWjs0j5GsA9zqEXFMt_wO_xmZih5o6jwTI_sOskcAUB1eFZqxX&v=l_H5TJrVCps

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.112.148.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-112-148-137.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Fri, 12 Apr 2024 22:13:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 12 Apr 2024 22:13:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 2
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 144ms
143ms XHR
application/json 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

5ef663028c0622e486f92146284c26dad38fea4c143854334b746f7a538f338e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12355
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 92ms
92ms Image
text/html 142.250.72.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1295294475&rv=44a0&u=AAAAAAAI&h=Ag&gtm=45He44a0v811964994za200&ccid=11964994&cid=GTM-WH4L999&l=L1441.S7.Y6.B22.E6294.I4070.EC5.TC3.HTC0~gtm.init.S0.V0.E19~gtm.js.S1.V0.E2075.TS5ua.TI1.TE3.TS5googtag.TI10.TE8.TS5lcl.TI11.TE0~gtm.dom.S0.V0.E26~gtm.load.S0.V0.E1~gtm.init_consent.S2.V1.E21

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.104 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:15 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 favicon.ico
buhitter.com/ 5 KB
956 B 47ms
47ms Other
image/x-icon 2606:4700:20::ac43:45d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/author/tapfantasy2021
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4906
etag: W/"65acf187-1536"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPB30NKkUjFB%2BamoMtRrqeu%2BZTGHtMNqgBk%2Bq6XOjIueMVs3xnDN5YpDFyvLnI0ValrYb8ehv2lqozEi4P90r2AlVKXpEqjlD5SlVCXHbhA4zEUf5%2FGGtVztkQ57LhZl89TNa%2BsS2kLoIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 87369001dab47421-MIA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 237ms
90ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404090101/pubads_impl.js?cb=31082679

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 22:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 22:13:15 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 26CD 0
0 196ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 331859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 02:02:16 GMT
expires: Wed, 09 Apr 2025 02:02:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 8DB0 0
0 184ms
73ms Document
text/html 142.251.163.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.104 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f104.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ip1W-PMcLoMc0XV9-68A_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ip1W-PMcLoMc0XV9-68A_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Apr 2024 22:13:15 GMT
expires: Fri, 12 Apr 2024 22:13:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 64ms
64ms Ping
text/plain 172.253.62.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je44a0v886998702za200&_p=1712959988465&gcd=13l3l3l3l1&npa=0&dma=0&cid=89834220.1712959989&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEI&_s=2&sid=1712959989&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Ftapfantasy2021&dt=tapfantasy2021%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&en=ad_impression&ep.query_id=CKrC653ZvYUDFQOJywEdbd4DAQ&_et=2023&tfd=9068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.62.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 22:13:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404090101&jk=3796427455065397&bg=!BgWlBUrNAAbi8lI9wvI7ADQBe5WfOAEl7iaL8A5Y00_1oFA8_pPbo50l7WVJN5eAWBBAqDy3Vn-ZM0gT6Y4iucun0tWrAgAAAE5SAAAABWgBB34ANUZ6TLUz9vYLVjoXm_HJwzAs4P-Qej9BsyzyQcoHT7t6B3RBbw2Sk_TmVC47mJrI8nh7OMtOmQKgLd4uosQCRR6icV_lYdyItHzR1NOAuJIe9k7G_Wnq9ljpAXM6snt3t6Bi8dH3dq7LrlskTImrRh5Rf4l7Sr-EijPhHEBcv5_uuUzxnyzZ-cJz59gp0GCyuBQuh85bk3fdBrbILxdvOUtVZvsgeAkRooQrosY5SXDBMOSQvTghTm9OXN-zbbdJpWW4NZ_yQTVDdw80NTFEdayKI2zQUCNjsMf_PV114UzQylXBu-wt3u4GBluI0-RKIem7Dxg5neM1IW8rNNUasun-ovYE5HqFaXw7I3nx3KFCD5KI8BPrfl7k1JRCL4IuQX-afZDZJWkz7NaE_cTYe5ibTQACc5i1aIW4SHWeuEc6dsCbjObObmSCHRba6W-m8r6F7xuwPGSszCiOdhHnVyCFW7jCj3sCjeTnINoYbxo6_4ATiWsjSyVy2ZfdJ0-t6G1FKpE25lOkxI53zs2Th1yhFrw_1la0HJ7wWbwKr30nhl_mFOAC5x-rG1BXxu8dErKcktlmwqLDYoiigxfXQAZq-5TMcaePOIA84peUdJQbXFqfxLqi6YXtd66cYeD4Rh6AjxPK69Y5q3AhySfxI6cB9LQ5EIuScRy4wiWHS6SuJsblmsIkCJEwhczDWqbvOjOlHRTSZM25BTeI4GjsVkedCtwBRwSLz2rHY0XCpFmRbYAz-gAgb3iAbf-kV3lkRcJgv0sYd2A5sysy6MxYZpBK2rqOJiYdYSNuD9Y-JLVdTdQ53f1IxziyZMtuRl_hnrkUrTdUv1721rfUBbTCvNpw-F5FXN_aFbr3XwoV-hU7MJlVpoUB5z01o-_OfiAV7GYxTZMx053MUCxEnp2gkC9Zfc7S8H4hBTkkUj2j7RshDQhB7VNhqzbkQsmikS7vJnGXBFR1BWUg

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhitter.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 09evupteeg7ol605cdc3s7u0v6
.buhitter.com/	1970-01-21 05:25:19	Name: _ga Value: GA1.2.89834220.1712959989
.buhitter.com/	1970-01-20 19:50:46	Name: _gid Value: GA1.2.22488436.1712959990
.buhitter.com/	1970-01-20 19:49:20	Name: _gat_UA-115935434-1 Value: 1
.criteo.com/	1970-01-21 05:10:55	Name: uid Value: d4d24ee4-1250-4bc0-8402-7f0971e88ea8
.criteo.com/	1970-01-21 05:10:55	Name: receive-cookie-deprecation Value: 1
.buhitter.com/	1970-01-21 05:10:55	Name: __gads Value: ID=f1d9584962bd92d3:T=1712959990:RT=1712959990:S=ALNI_MZHhuBBc0ddMQdy-ENamhVCj8elMA
.buhitter.com/	1970-01-21 05:10:55	Name: __gpi Value: UID=00000ddd9b4d6430:T=1712959990:RT=1712959990:S=ALNI_Mbu8cbHb5Ud9vYe3lkDuBSFzFs-XQ
.buhitter.com/	1970-01-21 00:08:31	Name: __eoi Value: ID=29c1a55e756c0bc9:T=1712959990:RT=1712959990:S=AA-AfjZqDiaH-Yr62bfd5e7dCK3p
.buhitter.com/	1970-01-21 05:10:55	Name: cto_bundle Value: w9gBLF9mOUs5RjRtbDgzUHhYV1FudXglMkZ5ckxxdVZaM3F0T3VlUHNUT2Q0c29EcCUyRkhyR3dKdTJVYVRkSUFYQzl1eEdRekh1OEV0NktNJTJCMFplVzVIJTJGRDE0QkJrc096ZmQlMkZtSDBlVm1IVVdlRThPWDN1V0V5ZWpub0NaQW1qOHFJJTJCRzh2TENBcTFTTWd5djdNODV5eFN4VXRYRnclM0QlM0Q
.buhitter.com/	1970-01-21 05:25:19	Name: _ga_74YKYKK7PB Value: GS1.1.1712959989.1.0.1712959991.0.0.0
.doubleclick.net/	1970-01-21 05:25:19	Name: IDE Value: AHWqTUmxoL500WfsTygXMXTCI-WSPuUgGS01W6vETKqePE390ZYFO6rHX1ZA4W-3VPw
.buhitter.com/	1970-01-21 04:34:55	Name: FCNEC Value: %5B%5B%22AKsRol9ya04F3cO_YWLCTlTu8-kfEOQygRQFdDhkTBX0YXmACsIbBG1WKQI9bflETfeujUz2lgBY76G-mBwyt8iJf-CfanR0nUoLp1w5XTukAFMmpPxz-U9X7_-jHLlIssm85ClbiwIZ3859zsKJ36UtLz62nitlHQ%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22259%22%5D%2C%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1712959991%2C169342000%5D%5D%5D%22%5D%5D%5D
.fam-8.net/	1970-01-20 21:58:55	Name: uid Value: admx8ed45db3b6x00a
fam-8.net/	1970-01-20 21:58:55	Name: _imps Value: 35111%2C7444%2C0%2C35111%2C13894%2C145075%2C0%2C0%2C1530%2C1712959894%2C%2C%2C%2C0%2C%2C%2C0
sh.adingo.jp/	1970-01-21 00:08:31	Name: receive-cookie-deprecation Value: 1
.buhitter.com/	1970-01-20 20:32:31	Name: _im_vid Value: 01HVA5YCP4045PJKQ1SGX5AGC9
.adingo.jp/	1970-01-21 04:34:55	Name: ID Value: a9b77915a8380a17ea519523f0afe1e8
sh.zucks.net/	1970-01-20 19:49:23	Name: AWSELBCORS Value: 41A171131E9B8C939F7087DC96908658B57851A86484F8DD0F0ED9CABA7F99F6ED1A8F8B6D3D3DA96CA147FD9413E530BD856ABCD3E98CDDF7244862B1D94364484DF66193
.zucks.net/	1970-01-21 04:34:55	Name: ID Value: 6b53da09a1a56c80f6bd79de5374eee8

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://pdn.adingo.jp/p.js(Line 14) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/tapfantasy2021 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

657f9fbbc6288fc2b562b47f46b6592f.safeframe.googlesyndication.com
audiencedata.im-apps.net
buhitter.com
cdn-fluct.sh.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
code.jquery.com
cs.adingo.jp
dmp.im-apps.net
fam-8.net
fundingchoicesmessages.google.com
gum.criteo.com
i.adingo.jp
id5-sync.com
img.fam-8.net
j.zucks.net.zimg.jp
k.zucks.net
pa.adingo.jp
pagead2.googlesyndication.com
pbs.twimg.com
pdn.adingo.jp
platform.twitter.com
securepubads.g.doubleclick.net
sh.adingo.jp
sh.zucks.net
stackpath.bootstrapcdn.com
static.criteo.net
stats.g.doubleclick.net
sync6.im-apps.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.18.10.207
104.244.42.136
108.138.128.123
108.139.47.12
142.250.72.104
142.250.80.98
142.251.163.104
142.251.163.147
142.251.167.154
162.19.138.120
172.253.115.102
172.253.62.139
18.164.96.49
202.210.188.70
202.231.228.162
2600:141b:1c00:19::17c8:5823
2600:141b:1c00:22::1730:e06f
2600:1901:0:e207::
2600:9000:2511:4e00:a:e047:753:eb41
2606:2800:220:1410:489:141e:20bb:12f6
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::6816:3456
2606:4700:20::ac43:45d6
2607:f8b0:4004:c07::61
2607:f8b0:4004:c07::65
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c1d::9c
2607:f8b0:4006:80d::2001
2607:f8b0:4006:817::200e
2620:100:a00b::12
2620:100:a00b::4
2a04:4e42::485
2a04:4e42::649
3.112.148.137
3.115.171.164
43.206.43.189
44.194.254.43
52.192.231.173
52.69.202.8
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07
02d4bcf4290f05be6fa6dce59cdaa497defee5c2d70098c8a9a815e9f8763861
04b9e1a2ef56744437270b940a845670b47b4c7cf98727e7e686bfb3563ffaba
07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f
0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36
16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70
16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
17dea17b56145e2aa33bc06e9344a16f4542b39c1d9dc9fa5cd1b74a030eaa12
18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4
2118fb2f05909732033e80475dd50ebcc81b3420cb49596f453734dada45c3f4
2462a17ca3eeea7ab9eaed50eaa069a5f632c6238ba46194a790454283ae0e91
281c48aadf7418c3bcea2472a4f8b7d54f75ed7a07202a289bb0442cbb0652f3
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7
34d95e4dcbbfb3cad000498a264a8b43139df66add80e8c3dd8ecb528598f2a7
34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c
40cbe058a0a79b49d27391f1b0be3eda2171fae634485b294a4ffd695a26a849
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395
5064db5bd21b03a99d31a95335d723533bf7decda7c310b41303f8e945c6b81d
5ad45ed1f840eff13adb6cec6a98824f71dc479ba2770f3a3aa63b33b71416ff
5bbab6fe881d24cb23d6a752456c99dbefaf2a70271643cadcae675f954d31af
5eb45395b7387746fa724be3708c89c24c68faae4d4b496c05df228d7c2d4dfd
5ef663028c0622e486f92146284c26dad38fea4c143854334b746f7a538f338e
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
617dcf106e75852cef1920eb1c69683b572e30586c6c642edc6fb0fb4bcee528
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61efc1491b680ee5e010e68ed2aad215ded25c971dbf33aaa9b2bf185c665294
6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7a05f4196ba06d48b47b4241117ad1c3f87551581248a97e32c7d1ca8e49f9b1
7c57696af20d582384167efccfd020b3b57e7beed192600ebe0114b74c063086
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
83c5190536a91c27cb47ff9d671f0e992cd9328ed13913920653a9c65140d580
84e4c7552adf4a55c4c8fa9c54c805e0ff1ce77bf567c48e9ecb05cfb029acce
86785598d392b7a39e2c2b357f761e46818a60af630699936b50f02df5cd6331
8e6ecb3407a8c377b1f33624297fbf26411570e968e5baee9a80bb9bebd59673
8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07
95c10c2438d1a4bbd006158af7cd0ee59862d45f62f67afe882f9e70e80d3964
96de07008c0ca2aed243c22da32f3c2f9c52e639185532415e7e28bea101b598
9ce36a5c23014e57122d7997692e9863b532d08d7e21d227e1184099a5666be2
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad01ddd67a80bc0e796393526298c69c2c38fbe1ede7bb1bb5cd4849d7f914b2
ad84d2a23089e4f99320ca315bbb2a32854eb80a908c02b44893436a46ab3f96
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1756f799fa1cf1e916300956ffdf5702fa3c5abc2c420d12fbe249b2362bd6
af76304e8c2f6cb158291d8cceec670c4d1b0fbb99ff8d3533f88642f879f2a4
af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d13203aa68df6fe5ff66a22d425616d1938aff5ccb21cc989057982c445ebe
baa0c25300b8db270e586913b57e51bcf0a699ee181260e98b813dc19a80abc2
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bee02aac0680dd00a14380f278998f7db132ce2677089d556f2b0048f4506d94
cb4a74e29ce3f2b79bc52bb09421f350bb2caaa9b8abe92b92bbaabc9ce68410
d6d0cdd93a3211b3770f16ed7a3a70cfe1aa1fd67f50f50bf64a1014abe9efb3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a9ac32738ca953e7782d30e93ccb6ae2fb36db13e56e9bbf05598823a62a2
ef12a23dc3bbbaa9c5f6eebd72c63b5d37a345b118ad3eaca646c9fc4c549991
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b8a30a607a371a8f449eb9fb3257896abda2f1eec2b6dd521bea8e9b17ff90
f28454ecc4cd5778641a83872fbb4563ebb174e86c5a5581d0dd6e7b1c0d523c
f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede
fc2794671f0e81bf218b0f513ebf416057e6255e3e510e7cbfdc8ea591618f95
fcc2733b5755b770b14adf00b06fc30a08cb9d562e3329dd895dc2b47e057783
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161
fe5ebf9669f439ee9e7acc611a740a48ffeadc84ab2cc02bbeee892930dbd22e

buhitter.com Open in urlscan Pro 2606:4700:20::ac43:45d6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

48 %IPv6

20 Domains

35 Subdomains

41 IPs

4 Countries

4794 kBTransfer

6502 kBSize

20 Cookies

23 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buhitter.com Open in urlscan Pro
2606:4700:20::ac43:45d6 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

48 %
IPv6

20
Domains

35
Subdomains

41
IPs

4
Countries

4794 kB
Transfer

6502 kB
Size

20
Cookies

94 HTTP transactions
3 data transactions