ptlofentertainment-bg.fun Open in urlscan Pro
94.46.171.91  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ptlofentertainment-bg.fun/	284 KB 91 KB	276ms 172ms	Document text/html	94.46.171.91 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.46.171.91 , Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash e79afd015da61f726c324f9ee3135684b2772e3c7f92e4bb9bec66afad6be6e5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 28 Aug 2024 15:39:46 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	css2 fonts.googleapis.com/	7 KB 1 KB	256ms 89ms	Stylesheet text/css	172.217.23.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f10.1e100.net Software ESF / Resource Hash 5a0362536f9d15b3a844618848255e30c2c78cd7455a61df49a5cde08a27efcc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 28 Aug 2024 15:39:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 28 Aug 2024 13:54:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 28 Aug 2024 15:39:46 GMT
GET H2	200	loading.svg storage.googleapis.com/creativities_assets/ptlofentertainment-bg.fun/a447-6209-dc7c-0cbd/images/	3 KB 4 KB	406ms 228ms	Image image/svg+xml	142.250.184.251 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/creativities_assets/ptlofentertainment-bg.fun/a447-6209-dc7c-0cbd/images/loading.svg Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.251 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f27.1e100.net Software UploadServer / Resource Hash 0dfecf019f6a9aa84780099d0bd9a2d1d2979da473d7f1b9879c7b07c67f56fa Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 15:39:46 GMT x-guploader-uploadid AHxI1nN36O71WkTd-dzMOSQp4k7UKN6zP8fmpbJMT_kxjmi1X-Xky7JBLsbjIEjd8Q17gAtNZK9SFqffPA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3314 last-modified Fri, 21 Jun 2024 12:30:50 GMT server UploadServer etag "6b8c91d8ace20ab65ace7070d025e4a3" x-goog-generation 1718973050942778 content-type image/svg+xml x-goog-hash crc32c=K47ntQ==, md5=a4yR2KziCrZaznBw0CXkow== cache-control public, max-age=3600 x-goog-stored-content-length 3314 accept-ranges bytes expires Wed, 28 Aug 2024 16:39:46 GMT
POST H/1.1	200 OK	m.php ptlofentertainment-bg.fun/p/	4 KB 4 KB	149ms 149ms	Ping application/json	94.46.171.91 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://ptlofentertainment-bg.fun/p/m.php Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.46.171.91 , Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 0f85db33482dd25dc87df2e8f3d037a28f40b62d253a8e8983b2b919baa91606 Request headers Referer https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryYTpacnsJrH5eYEAj Response headers Pragma no-cache Date Wed, 28 Aug 2024 15:39:46 GMT Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	hotjar-3915799.js Show response static.hotjar.com/c/	11 KB 5 KB	283ms 118ms	Script application/javascript	18.239.94.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3915799.js?sv=6 Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.94.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-94-121.ams1.r.cloudfront.net Software / Resource Hash 6d091e7ab5c64ead18017432dfaa112971288a5afe4388db89067f0442a8cfed Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 15:39:46 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c00e79984dfec6a6601fb861a1d8d5e8.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P3 etag W/0ec4374364f0af51cbed132f1ed84c8f vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id RqaAidqDvwOoVEzQ2vWzIndm8F9wDMH8G7tpZ5PCOcl1PR5H18e9Sg==
GET H2	200	arrow.png storage.googleapis.com/creativities_assets/ptlofentertainment-bg.fun/a447-6209-dc7c-0cbd/images/	1 KB 1 KB	202ms 202ms	Image image/png	142.250.184.251 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/creativities_assets/ptlofentertainment-bg.fun/a447-6209-dc7c-0cbd/images/arrow.png Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.251 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f27.1e100.net Software UploadServer / Resource Hash 3cf4de33a19fd7f034f51f4518d46c308ef453ca2cb9958484b74939b6df3326 Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 15:39:46 GMT x-guploader-uploadid AHxI1nO9UbOmcmuR7PlgXmnwrWEMEsesiFWKKPcm1HHenQtXXZGR2s-fEB_QHP8z7itnV_bvKeL9MDRTww x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1122 last-modified Fri, 21 Jun 2024 12:30:50 GMT server UploadServer etag "d2e51cfa5c1bba69d33dbb59f03442da" x-goog-generation 1718973050258644 content-type image/png x-goog-hash crc32c=n/c4vg==, md5=0uUc+lwbumnTPbtZ8DRC2g== cache-control public, max-age=3600 x-goog-stored-content-length 1122 accept-ranges bytes expires Wed, 28 Aug 2024 16:39:46 GMT
GET H2	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 fonts.gstatic.com/s/inter/v18/	47 KB 48 KB	244ms 78ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ptlofentertainment-bg.fun User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 13:58:37 GMT x-content-type-options nosniff age 92469 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48444 x-xss-protection 0 last-modified Mon, 29 Jul 2024 22:51:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Aug 2025 13:58:37 GMT
POST H/1.1	200 OK	m.php Show response ptlofentertainment-bg.fun/p/	4 KB 4 KB	693ms 606ms	XHR application/json	94.46.171.91 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://ptlofentertainment-bg.fun/p/m.php Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.46.171.91 , Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash 0f85db33482dd25dc87df2e8f3d037a28f40b62d253a8e8983b2b919baa91606 Request headers X-NewRelic-ID VQ8FVF5TARABUlhaBggDX1YF tracestate 1925809@nr=0-1-1925809-1835019493-fab6ddf426fb95e9----1724859586578 traceparent 00-e337a6fd6ab254e7eae10c4e52305257-fab6ddf426fb95e9-01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5MjU4MDkiLCJhcCI6IjE4MzUwMTk0OTMiLCJpZCI6ImZhYjZkZGY0MjZmYjk1ZTkiLCJ0ciI6ImUzMzdhNmZkNmFiMjU0ZTdlYWUxMGM0ZTUyMzA1MjU3IiwidGkiOjE3MjQ4NTk1ODY1Nzh9fQ== Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept */* Referer https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 X-Requested-With XMLHttpRequest Response headers Pragma no-cache Date Wed, 28 Aug 2024 15:39:46 GMT Server Apache/2.4.41 (Ubuntu) Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2 fonts.gstatic.com/s/inter/v18/	73 KB 73 KB	300ms 152ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa25L7SUc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ptlofentertainment-bg.fun User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 13:55:40 GMT x-content-type-options nosniff age 92646 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74328 x-xss-protection 0 last-modified Mon, 29 Jul 2024 22:47:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Aug 2025 13:55:40 GMT
POST H/1.1	200 OK	api.php Show response ptlofentertainment-bg.fun/libraries/EMB/APIRO/	201 B 540 B	2494ms 2407ms	XHR application/json	94.46.171.91 ALMOUROLTEC
General Check archive.org Show headers Download Go to Full URL https://ptlofentertainment-bg.fun/libraries/EMB/APIRO/api.php Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.46.171.91 , Portugal, ASN24768 (ALMOUROLTEC, PT), Reverse DNS Software Apache/2.4.41 (Ubuntu) / Resource Hash e3f78466643ba4dd4af8a578f9d8bdc357365007389bc94a29005b91624e831d Request headers X-NewRelic-ID VQ8FVF5TARABUlhaBggDX1YF tracestate 1925809@nr=0-1-1925809-1835019493-fdfa577667a8eaf9----1724859586587 traceparent 00-46e4803a9a3078459ef9b7266c5275ad-fdfa577667a8eaf9-01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjE5MjU4MDkiLCJhcCI6IjE4MzUwMTk0OTMiLCJpZCI6ImZkZmE1Nzc2NjdhOGVhZjkiLCJ0ciI6IjQ2ZTQ4MDNhOWEzMDc4NDU5ZWY5YjcyNjZjNTI3NWFkIiwidGkiOjE3MjQ4NTk1ODY1ODd9fQ== Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept application/json, text/javascript, */*; q=0.01 Referer https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 X-Requested-With XMLHttpRequest Response headers Pragma no-cache Date Wed, 28 Aug 2024 15:39:46 GMT Server Apache/2.4.41 (Ubuntu) Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 201 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	modules.8da33a8f469c3b5ffcec.js Show response script.hotjar.com/	223 KB 56 KB	260ms 95ms	Script application/javascript	13.33.187.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.187.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-187-92.fra60.r.cloudfront.net Software / Resource Hash 76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 30 Jul 2024 14:23:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P9 age 2510201 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 56385 last-modified Tue, 30 Jul 2024 14:22:40 GMT etag "0728625a147ca79276a1790b9cf3175d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id XIjFzGS5huCylbuHaARgnaCwA3SdRMp999N2NLvqQtfM9ecrKAoB5w==
POST H2	200	/ Show response content.hotjar.io/	56 B 171 B	305ms 98ms	XHR application/json	34.249.205.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?site_id=3915799&gzip=1 Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.249.205.38 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-205-38.eu-west-1.compute.amazonaws.com Software / Resource Hash c608585fc481e80f0b4d409e6f4f2068415157c283e89b7bf79781a7801e399d Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Wed, 28 Aug 2024 15:39:47 GMT content-length 56 access-control-max-age 86400 content-type application/json
GET H2	200	nr-spa-1.264.0.min.js Show response js-agent.newrelic.com/	110 KB 32 KB	136ms 42ms	Script application/javascript	162.247.243.39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1.264.0.min.js Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.247.243.39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 3e1292bc5ba29cb4eedbe81561ac86bd0dce1129a3262dd7033669c42b64ef20 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Referer https://ptlofentertainment-bg.fun/ Origin https://ptlofentertainment-bg.fun User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-cache-hits 38676 date Wed, 28 Aug 2024 15:39:47 GMT content-encoding br strict-transport-security max-age=300 last-modified Tue, 06 Aug 2024 22:33:26 GMT etag "d445c6ab99f8d2940df12996faeaccc0" vary Accept-Encoding x-cache HIT content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 32013 x-served-by cache-lis1490029-LIS
POST H/1.1	200	f9883053d9 Show response bam.nr-data.net/1/	151 B 613 B	246ms 147ms	XHR text/plain	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/f9883053d9?a=1698194924&v=1.264.0&to=YFMAbEUCWkFUARdeClkZN0peTF1cUQcbGRVfRg%3D%3D&rst=1483&ck=0&s=f2f249cc99c31ce0&ref=https://ptlofentertainment-bg.fun/&ptid=5087e6135ec69fdf&af=err,spa,xhr,stn,ins&ap=132&be=276&fe=998&dc=343&at=TBQDGg0YSU8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1724859585953,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:16,%22c%22:16,%22s%22:57,%22ce%22:105,%22rq%22:105,%22rp%22:276,%22rpe%22:378,%22di%22:618,%22ds%22:618,%22de%22:619,%22dc%22:1272,%22l%22:1272,%22le%22:1274%7D,%22navigation%22:%7B%7D%7D&fp=637&fcp=637 Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 443fdcb5e6864b6b7bda9cda80cc99a9f4929fdc5673ec0258aa9642404d670b Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Wed, 28 Aug 2024 15:39:47 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/plain access-control-allow-origin https://ptlofentertainment-bg.fun access-control-expose-headers Date access-control-allow-credentials true cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin https://ptlofentertainment-bg.fun Content-Length 151 x-served-by cache-lis1490044-LIS
POST H/1.1	200	f9883053d9 Show response bam.nr-data.net/events/1/	24 B 347 B	146ms 145ms	XHR image/gif	162.247.243.29 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/f9883053d9?a=1698194924&v=1.264.0&to=YFMAbEUCWkFUARdeClkZN0peTF1cUQcbGRVfRg%3D%3D&rst=1741&ck=0&s=f2f249cc99c31ce0&ref=https://ptlofentertainment-bg.fun/&ptid=5087e6135ec69fdf Requested by Host: ptlofentertainment-bg.fun URL: https://ptlofentertainment-bg.fun/?hash=a447-6209-dc7c-0cbd&gclid=testfreelancer2808 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.29 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://ptlofentertainment-bg.fun/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 content-type text/plain Response headers date Wed, 28 Aug 2024 15:39:47 GMT access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type image/gif access-control-allow-origin https://ptlofentertainment-bg.fun access-control-allow-credentials true Connection keep-alive Content-Length 24 x-served-by cache-lis1490058-LIS

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| NREUM object| webpackChunk:NRBA-1.264.0.PROD object| newrelic function| p_old function| hj object| _hjSettings object| settings object| events object| trans function| redirectToContent string| lang number| step function| updateMessageInfo function| loading function| translate function| translateElement function| p function| checkLanguageFromUrl function| querySelectorAll_do function| getCookie function| setCookie function| $ function| jQuery function| Inputmask function| default object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ptlofentertainment-bg.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: j87utkjv06v4tpgovhd26om68f
			.ptlofentertainment-bg.fun/	1970-01-21 07:53:15	Name: _hjSessionUser_3915799 Value: eyJpZCI6ImUwYzYzZTc1LWUxYTctNTZjZC04ZGEzLTRhZjY3NTVhZTkxMiIsImNyZWF0ZWQiOjE3MjQ4NTk1ODcyMDIsImV4aXN0aW5nIjp0cnVlfQ==
			.ptlofentertainment-bg.fun/	1970-01-20 23:07:41	Name: _hjSession_3915799 Value: eyJpZCI6ImNlYmRhZDYwLWJiMTYtNGYxZi05NjYzLTZmZTJlNWY0MTc3YSIsImMiOjE3MjQ4NTk1ODcyMDMsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
			ptlofentertainment-bg.fun/	1969-12-31 23:59:59	Name: keyword Value: OK FPH
			ptlofentertainment-bg.fun/	1969-12-31 23:59:59	Name: shortcode Value: 1252
			ptlofentertainment-bg.fun/	1970-01-20 23:07:39	Name: step Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
ptlofentertainment-bg.fun
script.hotjar.com
static.hotjar.com
storage.googleapis.com
13.33.187.92
142.250.184.251
142.250.185.163
162.247.243.29
162.247.243.39
172.217.23.106
18.239.94.121
34.249.205.38
94.46.171.91
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0dfecf019f6a9aa84780099d0bd9a2d1d2979da473d7f1b9879c7b07c67f56fa
0f85db33482dd25dc87df2e8f3d037a28f40b62d253a8e8983b2b919baa91606
3cf4de33a19fd7f034f51f4518d46c308ef453ca2cb9958484b74939b6df3326
3e1292bc5ba29cb4eedbe81561ac86bd0dce1129a3262dd7033669c42b64ef20
443fdcb5e6864b6b7bda9cda80cc99a9f4929fdc5673ec0258aa9642404d670b
48f540fb71166bf65a0fe187a71fad500c43143d3e2e42038f527e38c786e90f
5a0362536f9d15b3a844618848255e30c2c78cd7455a61df49a5cde08a27efcc
6d091e7ab5c64ead18017432dfaa112971288a5afe4388db89067f0442a8cfed
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
c608585fc481e80f0b4d409e6f4f2068415157c283e89b7bf79781a7801e399d
e3f78466643ba4dd4af8a578f9d8bdc357365007389bc94a29005b91624e831d
e79afd015da61f726c324f9ee3135684b2772e3c7f92e4bb9bec66afad6be6e5
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af