www.gamingtipsbygd.com Open in urlscan Pro
2a00:1450:4001:824::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.gamingtipsbygd.com/
Submission: On April 17 via manual (April 17th 2020, 5:43:58 pm UTC) from IN

Summary HTTP 82 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 82 HTTP transactions. The main IP is 2a00:1450:4001:824::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.gamingtipsbygd.com.

This is the only time www.gamingtipsbygd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a00:1450:400... 2a00:1450:4001:824::2013	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6812:3249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
7	206.54.165.151 206.54.165.151	35415 (WEBZILLA) (WEBZILLA)
2	188.72.202.11 188.72.202.11	35415 (WEBZILLA) (WEBZILLA)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5 6	2606:4700:303... 2606:4700:3033::681f:45bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:303... 2606:4700:3034::681b:8af5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.42.160.79 188.42.160.79	35415 (WEBZILLA) (WEBZILLA)
10	2606:4700:303... 2606:4700:3035::681b:8e9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3034::681c:1321	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6		() ()
82	21

5 2a00:1450:4001:824::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gamingtipsbygd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6812:3249 (United States)

ASN13335 (CLOUDFLARENET, US)

fandmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 206.54.165.151 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

pushsar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.72.202.11 (Netherlands)

ASN35415 (WEBZILLA, NL)

ofgogoatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::681f:45bf (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

kayakm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::681b:8af5 (United States)

ASN13335 (CLOUDFLARENET, US)

gitoku.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.160.79 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::681b:8e9c (United States)

ASN13335 (CLOUDFLARENET, US)

cardmrket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3034::681c:1321 (United States)

ASN13335 (CLOUDFLARENET, US)

imagetot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 (None, )

ASN- ()

www.gamingtipsbygd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	imagetot.com imagetot.com	991 KB
11	googleusercontent.com lh5.googleusercontent.com lh3.googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com	982 KB
11	gamingtipsbygd.com www.gamingtipsbygd.com	111 KB
10	cardmrket.com cardmrket.com	663 KB
10	blogspot.com 3.bp.blogspot.com 1.bp.blogspot.com	574 KB
7	pushsar.com pushsar.com	75 KB
6	kayakm.com 5 redirects kayakm.com	5 KB
5	gitoku.com gitoku.com
3	gstatic.com fonts.gstatic.com	34 KB
2	facebook.net connect.facebook.net	116 KB
2	ofgogoatan.com ofgogoatan.com	27 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	83 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
1	rtmark.net my.rtmark.net	779 B
1	blogger.com www.blogger.com	52 KB
1	fandmo.com fandmo.com	15 KB
82	16

	Domain	Requested by
12	imagetot.com	www.gamingtipsbygd.com
11	www.gamingtipsbygd.com	www.gamingtipsbygd.com ajax.googleapis.com fandmo.com
10	cardmrket.com	fandmo.com
9	1.bp.blogspot.com	www.gamingtipsbygd.com
7	pushsar.com	www.gamingtipsbygd.com pushsar.com
6	kayakm.com	5 redirects fandmo.com
5	gitoku.com	fandmo.com
5	lh5.googleusercontent.com	www.gamingtipsbygd.com
3	fonts.gstatic.com	www.gamingtipsbygd.com
3	lh6.googleusercontent.com	www.gamingtipsbygd.com
2	connect.facebook.net	www.gamingtipsbygd.com connect.facebook.net
2	lh3.googleusercontent.com	www.gamingtipsbygd.com
2	ofgogoatan.com	www.gamingtipsbygd.com ofgogoatan.com
2	stackpath.bootstrapcdn.com	www.gamingtipsbygd.com
1	my.rtmark.net	www.gamingtipsbygd.com
1	www.blogger.com	www.gamingtipsbygd.com
1	ajax.googleapis.com	www.gamingtipsbygd.com
1	lh4.googleusercontent.com	www.gamingtipsbygd.com
1	3.bp.blogspot.com	www.gamingtipsbygd.com
1	fonts.googleapis.com	www.gamingtipsbygd.com
1	fandmo.com	www.gamingtipsbygd.com
82	21

This site contains links to these domains. Also see Links.

Domain
kayakm.com
www.instagram.com
www.soratemplates.com
www.mybloggerthemes.com
www.blogger.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-04` - `2020-10-09`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
pushsar.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-26` - `2020-08-10`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://www.gamingtipsbygd.com/
Frame ID: 764E85DC9E4D4140E6CD644F67F72D99
Requests: 66 HTTP requests in this frame

Frame: http://ofgogoatan.com/fac.php
Frame ID: 3C564B5245E8226FBCD745E5829D0178
Requests: 1 HTTP requests in this frame

Frame: https://gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
Frame ID: 183FAFAC17FEBE1E181D802A548B7840
Requests: 1 HTTP requests in this frame

Frame: https://gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/511d7163.html
Frame ID: 151BD3549B0518ABDB54C932F2583485
Requests: 1 HTTP requests in this frame

Frame: https://gitoku.com/fg/469c8f7116171953fa45f6a0b0e45922/bb8386e1.html
Frame ID: 4341CFE6AA9AAD961836DD27D12A6018
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: AEC4239A0A9A36BAF1840A7981F7884A
Requests: 1 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/a75c27e6-d5c3-4d8c-bc28-3c9026775dba
Frame ID: BA25F8FEDE32BF3F76A9603956953CEB
Requests: 1 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/d0273435-b32f-4792-ad6f-7a9845156f6c
Frame ID: 5016FA767C162C9BD43D0F8E253B8B03
Requests: 1 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/c946bcd2-2e2f-405e-a36d-85d0b36a1364
Frame ID: 9EAB02071E97BF0CF214EAB4D40AE61C
Requests: 1 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/f64d78c4-2a1a-4e18-be31-ff21706d67a1
Frame ID: 41F8702C3210631D47224B71E4EBE46B
Requests: 8 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/c21be7c7-a68c-47c8-9afe-74dac1597d60
Frame ID: 04D8A0598F7761A0FC25DF8A2D303F96
Requests: 8 HTTP requests in this frame

Frame: blob://http://www.gamingtipsbygd.com/549e7322-a855-4cc9-87e9-6191de87dd47
Frame ID: 0997A4B3EB513403890B291219306932
Requests: 8 HTTP requests in this frame

Frame: https://cardmrket.com/view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=224caaf2bac1812cfe6b93983fcca402&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Frame ID: CB86475C1EDBCC1E7C84D04DEE762328
Requests: 1 HTTP requests in this frame

Frame: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=d6acf4cc020542c6509444fddca21e02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Frame ID: B07C5D70764BF4CDD43051DEF05C4C3D
Requests: 1 HTTP requests in this frame

Frame: https://cardmrket.com/view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=53895bc70df7df8872e3cc47f1aded02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Frame ID: B6727EB6FB3505D1C3D429BE239C6D33
Requests: 1 HTTP requests in this frame

Frame: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=793de31986f986db946f0d27bbe5a302&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Frame ID: 2B84E1B25AFA29E66C371794930F833D
Requests: 1 HTTP requests in this frame

Frame: https://gitoku.com/register/xc449bad4854773ff/DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
Frame ID: 51B11981CB43DE3F8975DA19F41245D6
Requests: 1 HTTP requests in this frame

Frame: https://gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/4e79a7f8.html
Frame ID: 09035142160971E47A15342A37C80716
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

82
Requests

77 %
HTTPS

80 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

4061 kB
Transfer

6212 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://kayakm.com/supply/why?bid=2cd1370497ee44d1bc67ffba347dbbad&cid=53895bc70df7df8872e3cc47f1aded00&ctx=undefined&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&url=https%3A%2F%2Fcardmrket.com%2Fserve%2Fx3c87509a70524d1db8b50895a548dc3e.doc%3Fv%3Df755

Search URL Search Domain Scan URL

URL: https://kayakm.com/supply/why?bid=5536f9ed8dd744deba0fe2e6fc7d3480&cid=224caaf2bac1812cfe6b93983fcca400&ctx=undefined&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&url=https%3A%2F%2Fcardmrket.com%2Fserve%2Fx8cbf77f80777482789ce0ccd91de44a9.doc%3Fv%3D5637

Search URL Search Domain Scan URL

URL: https://kayakm.com/l/n/click/5536f9ed8dd744deba0fe2e6fc7d3480?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL2NsaWNrLzhjYmY3N2Y4MDc3NzQ4Mjc4OWNlMGNjZDkxZGU0NGE5&cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi

Search URL Search Domain Scan URL

URL: https://kayakm.com/supply/why?bid=9a2265ac200e412ca3cce73282507634&cid=d6acf4cc020542c6509444fddca21e00&ctx=undefined&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&url=https%3A%2F%2Fcardmrket.com%2Fserve%2Fx9f00dc64e8e6420fa140ccdb4e818223.doc%3Fv%3D223c

Search URL Search Domain Scan URL

URL: https://kayakm.com/supply/why?bid=9a2265ac200e412ca3cce73282507634&cid=793de31986f986db946f0d27bbe5a300&ctx=undefined&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&url=https%3A%2F%2Fcardmrket.com%2Fserve%2Fx9f00dc64e8e6420fa140ccdb4e818223.doc%3Fv%3D223c

Search URL Search Domain Scan URL

URL: https://www.instagram.com/desilover003/?igshid=tjoa2idl49ej

Search URL Search Domain Scan URL

URL: http://www.soratemplates.com/
Title: SoraTemplates

Search URL Search Domain Scan URL

URL: https://www.mybloggerthemes.com/
Title: Blogspot Templates

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://kayakm.com/supply/register?iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi HTTP 302
https://gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html

Request Chain 96

https://kayakm.com/l/n/view/5536f9ed8dd744deba0fe2e6fc7d3480?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOGNiZjc3ZjgwNzc3NDgyNzg5Y2UwY2NkOTFkZTQ0YTk&cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi HTTP 302
https://cardmrket.com/view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=224caaf2bac1812cfe6b93983fcca402&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi

Request Chain 97

https://kayakm.com/l/n/view/9a2265ac200e412ca3cce73282507634?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOWYwMGRjNjRlOGU2NDIwZmExNDBjY2RiNGU4MTgyMjM&cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi HTTP 302
https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=d6acf4cc020542c6509444fddca21e02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi

Request Chain 98

https://kayakm.com/l/n/view/2cd1370497ee44d1bc67ffba347dbbad?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvM2M4NzUwOWE3MDUyNGQxZGI4YjUwODk1YTU0OGRjM2U&cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi HTTP 302
https://cardmrket.com/view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=53895bc70df7df8872e3cc47f1aded02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi

Request Chain 99

https://kayakm.com/l/n/view/9a2265ac200e412ca3cce73282507634?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOWYwMGRjNjRlOGU2NDIwZmExNDBjY2RiNGU4MTgyMjM&cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi HTTP 302
https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=793de31986f986db946f0d27bbe5a302&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi

82 HTTP transactions
22 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.gamingtipsbygd.com/ 217 KB
35 KB 319ms
289ms Document
text/html 2a00:1450:4001:824::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4783f0a21975700a4d97c0881df605ce2f6a8f36947948e6cae7e0300bb37c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.gamingtipsbygd.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Fri, 17 Apr 2020 17:43:38 GMT
Date: Fri, 17 Apr 2020 17:43:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 14 Apr 2020 07:39:22 GMT
ETag: W/"50ac8bd1ecf75891a8daff6cb65729824c13a22e32610a674ea7980b3e0b5460"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 35479
Server: GSE

GET
H2 200 main.js Show response
fandmo.com/ 43 KB
15 KB 42ms
21ms Script
text/javascript 2606:4700:3033::6812:3249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fandmo.com/main.js
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2340ac8568e61588e7b8df7f9a419d03e49edeb59a413b5d12d8ebdb22da995

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 22:14:55 GMT
server: cloudflare
age: 70123
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 5857f311a8bee00b-FRA
cf-request-id: 022ad63f050000e00b489d0200000001

GET
H/1.1 200
OK css
fonts.googleapis.com/ 15 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28089df4b6ae9f4840fc111293d0da19c2d3d41567c4171adafb89f3b0653fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Apr 2020 17:43:38 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 17:43:38 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 80ms
50ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK tag.min.js Show response
pushsar.com/pfe/current/ 37 KB
12 KB 120ms
25ms Script
application/javascript 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/tag.min.js?z=2975885
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4fa2673bad8c14580d8218b346538f3c27c93e73d2cec7739372e54eb260fd2e

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Apr 2020 20:15:29 GMT
Server: nginx
ETag: W/"5e976b61-952a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK apu.php Show response
ofgogoatan.com/ 78 KB
27 KB 69ms
54ms Script
application/javascript 188.72.202.11
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://ofgogoatan.com/apu.php?zoneid=3181695

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

188.72.202.11 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

1ba20954ef2936639088b13565a13c6c994e945b82432403ba45b94984d76535

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 28eac2642102619680a1562dbe31e394
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK Bollyflix-1.png
3.bp.blogspot.com/-oYe4xM5OP8k/XoNCRUasR2I/AAAAAAAACZU/HF0S7LUxaUUbUfaJLX879_WC-CFYWi0OQCK4BGAYYCw/s1600/ 8 KB
9 KB 34ms
22ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://3.bp.blogspot.com/-oYe4xM5OP8k/XoNCRUasR2I/AAAAAAAACZU/HF0S7LUxaUUbUfaJLX879_WC-CFYWi0OQCK4BGAYYCw/s1600/Bollyflix-1.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5d29379ba363bab3385aae2bd131ea4b4d9e2e47ad29f4a9bde1a2d38ed2b657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
X-Content-Type-Options: nosniff
Server: fife
ETag: "v996"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Bollyflix-1.png"
Timing-Allow-Origin: *
Content-Length: 8345
X-XSS-Protection: 0
Expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 IMG_20200414_130751.jpg
1.bp.blogspot.com/-tK0suS58Ni4/XpVodClSICI/AAAAAAAACeY/xp14iRuZR9EsoxkyUV101bGbqpw3khDXACNcBGAsYHQ/w680/ 43 KB
43 KB 68ms
38ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tK0suS58Ni4/XpVodClSICI/AAAAAAAACeY/xp14iRuZR9EsoxkyUV101bGbqpw3khDXACNcBGAsYHQ/w680/IMG_20200414_130751.jpg

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

81474970153bc7255df64b7734eee57b44ec4de38b9504fb72c9db3d5c338dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="IMG_20200414_130751.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 43591
x-xss-protection: 0
server: fife
etag: "v9eb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 K-EboneAzqxDKkD94CRsXOqVA2Pt7u-lofzg-MUPscAZvxkHq_8AI4W4N-COvH35y7aCHVFKdH8LRkB3i2VfisoEPpFpmXjnGMddQLqLes3iRTY7f6EqjNg_XTbhXLo=w680
lh5.googleusercontent.com/proxy/ 60 KB
61 KB 98ms
71ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/K-EboneAzqxDKkD94CRsXOqVA2Pt7u-lofzg-MUPscAZvxkHq_8AI4W4N-COvH35y7aCHVFKdH8LRkB3i2VfisoEPpFpmXjnGMddQLqLes3iRTY7f6EqjNg_XTbhXLo=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

283862a031276b7003e2e72ae99495cd2b4e75117f53cd4cd39ab65e715f31aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TcIzA-_qPlxcHC2HmwNL4txFpraZD7WkwRhDgRLOAZmpAUrBjtAKn99S4-MUDotCJWB6GrJ_hZk8vGo5NzsJ4fWhgGusr78F6gQzNlegywchVQSrCLzeRmOAwKuAGwE=w680
lh3.googleusercontent.com/proxy/ 68 KB
68 KB 77ms
58ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/TcIzA-_qPlxcHC2HmwNL4txFpraZD7WkwRhDgRLOAZmpAUrBjtAKn99S4-MUDotCJWB6GrJ_hZk8vGo5NzsJ4fWhgGusr78F6gQzNlegywchVQSrCLzeRmOAwKuAGwE=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0559e69db8a1712f85416241bf01f8956870cda3f70b7124a6149e1ace15f947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 69208
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eR2MoJw9joWHTpxSCt4H6JhoXnQZREdwvRiv-Q_M5Ogj5U9WEHsyjDiEJdTqX2w5EOLBTMxpP8fppo7ir1U_10e_3T5m6OkGrX7CGM6JinOnDcYrVJHUgrUTn_w01Zv-=w680
lh6.googleusercontent.com/proxy/ 246 KB
247 KB 105ms
80ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/eR2MoJw9joWHTpxSCt4H6JhoXnQZREdwvRiv-Q_M5Ogj5U9WEHsyjDiEJdTqX2w5EOLBTMxpP8fppo7ir1U_10e_3T5m6OkGrX7CGM6JinOnDcYrVJHUgrUTn_w01Zv-=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

97308b6f9fbc1a26f245bba3e4157ec2bb386fad4433d668cce015a950a7286c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 252297
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 imBmunwInfSlOuUsuNqss8J3dM-2QgobFAwx7XI8ROwVKOl2bNeTWhiD2t-HhHGrPcTogB9bdyn41f3EUztBYF_WvvgrAokrMA86v07PhUqvqtlaD0eYUB2xGueWwpII6g=w680
lh5.googleusercontent.com/proxy/ 41 KB
42 KB 67ms
40ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/imBmunwInfSlOuUsuNqss8J3dM-2QgobFAwx7XI8ROwVKOl2bNeTWhiD2t-HhHGrPcTogB9bdyn41f3EUztBYF_WvvgrAokrMA86v07PhUqvqtlaD0eYUB2xGueWwpII6g=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

467e02bdd26ed2a96a542942f5697918ab5b5abd00fbf7ddfee2d27fd13410e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42182
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 aNHJZSijBqCqde7hMRO_1ocJjXYgTq8IzW0Rg6ouSD4IWE0LSR1NCLL5TeR6l585Jw5uEkM-27ajMJ9C9aQFhyUyWrg2OZFFc7OEei61xGnmGCxTHC4i4qnOyKMxg7U=w680
lh5.googleusercontent.com/proxy/ 90 KB
90 KB 137ms
111ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/aNHJZSijBqCqde7hMRO_1ocJjXYgTq8IzW0Rg6ouSD4IWE0LSR1NCLL5TeR6l585Jw5uEkM-27ajMJ9C9aQFhyUyWrg2OZFFc7OEei61xGnmGCxTHC4i4qnOyKMxg7U=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ae8ba1ca6c2d8b204851857114f054648f4bcd08d50c51de7f6753de14ece855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 92476
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XVR_GEVlPBbu67rshFRsbyneJqbMezAwTdT3p_6cmX5tnJXBU-uZBku2EX353YIr0rs98vWad95OUIABkzzf0pbRsWt8SSFvbaNvK4wrKJ3JrpXoRjZ8hJHoH3VVmQc=w680
lh6.googleusercontent.com/proxy/ 57 KB
57 KB 88ms
64ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/XVR_GEVlPBbu67rshFRsbyneJqbMezAwTdT3p_6cmX5tnJXBU-uZBku2EX353YIr0rs98vWad95OUIABkzzf0pbRsWt8SSFvbaNvK4wrKJ3JrpXoRjZ8hJHoH3VVmQc=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d1fd81e577ac169f81cef77ca1332869d79d52dd406ea343e16d10f822341651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 58007
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 VZ2mkzC-yFpf9x8BnfKzbfkgWXzfNaxNZFyZ4pmKmV3Ps7EWoYF0y5j-JV59Y-sXDqveVG3ecn4ZjRdWM5pMVyBmOnolcq0HpWhVg0wsQSh_183YeRoYpphhyDqtFbJz=w680
lh5.googleusercontent.com/proxy/ 59 KB
59 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/VZ2mkzC-yFpf9x8BnfKzbfkgWXzfNaxNZFyZ4pmKmV3Ps7EWoYF0y5j-JV59Y-sXDqveVG3ecn4ZjRdWM5pMVyBmOnolcq0HpWhVg0wsQSh_183YeRoYpphhyDqtFbJz=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cbaefa8b6a943ae0c69d9abf66f05a0c210344483540f6968ad9602f7519490e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 59936
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 images.jpeg
1.bp.blogspot.com/-vTlnXD8kjQE/XoNRk8L5iqI/AAAAAAAACZc/Ub3XpTlaKqwDg2fSQHmkEnCm_ATjct2LQCNcBGAsYHQ/w680/ 32 KB
32 KB 21ms
16ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vTlnXD8kjQE/XoNRk8L5iqI/AAAAAAAACZc/Ub3XpTlaKqwDg2fSQHmkEnCm_ATjct2LQCNcBGAsYHQ/w680/images.jpeg

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

771dc532bc0607e271f98e031360d13a6002d0eba6202aaad8b0fda537525f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="images.jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 32399
x-xss-protection: 0
server: fife
etag: "v998"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 sv1LBkiE6M0uHYiwM3MuIzo0mbQ73c2X0QSV9GL6WcV4UEXtSIbZITntF4AbgdyoS1Y826Lp5AF01RwtfC8gWwzPR8NJg2Pfbaw61_xKhkuIt-3Yn60NilA0d6oooJU=w680
lh6.googleusercontent.com/proxy/ 46 KB
46 KB 55ms
50ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/proxy/sv1LBkiE6M0uHYiwM3MuIzo0mbQ73c2X0QSV9GL6WcV4UEXtSIbZITntF4AbgdyoS1Y826Lp5AF01RwtfC8gWwzPR8NJg2Pfbaw61_xKhkuIt-3Yn60NilA0d6oooJU=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6e1f2648dbd60da62cbeb04ca705f5205bea5b31321fc22aeeb498efb8d46f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="unnamed.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 47045
x-xss-protection: 0
pragma: no-cache
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: no-cache, must-revalidate, no-transform
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 g9b-DvN2osL7Da0kP3BchmPtRvbpy8Qsj-0-c5b9fz7E4Iv9hQeJ7VxtOM6ZMKGWT1vnYn6lbQ5lBA7KW0EVNtBjVNxuGZMWWQmH0IpMms5ax1zcDERyJ6ZpG1P2QRii=w680
lh3.googleusercontent.com/proxy/ 228 KB
229 KB 26ms
21ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/g9b-DvN2osL7Da0kP3BchmPtRvbpy8Qsj-0-c5b9fz7E4Iv9hQeJ7VxtOM6ZMKGWT1vnYn6lbQ5lBA7KW0EVNtBjVNxuGZMWWQmH0IpMms5ax1zcDERyJ6ZpG1P2QRii=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

64b43642fedd5bf2967cc0a023b980069dc635501c3b8b27faa787e9b18c4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 233760
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 ndyQTeL1Z23oMgbWxIvpoZ05inNhHprx-XAB96s4_EtcDHegm7Cu8Uefj6h3u6ySdfMKa4nXWjAu-iUb_wbOVNpxBAYfXJryZ0vHlbvAHaEPKbax7qFnVe7dCWAL7wwqvQ=w680
lh4.googleusercontent.com/proxy/ 55 KB
55 KB 32ms
26ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/proxy/ndyQTeL1Z23oMgbWxIvpoZ05inNhHprx-XAB96s4_EtcDHegm7Cu8Uefj6h3u6ySdfMKa4nXWjAu-iUb_wbOVNpxBAYfXJryZ0vHlbvAHaEPKbax7qFnVe7dCWAL7wwqvQ=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cdfaba9cd1117145af22c9666dcdbbfd7dd3ab2b4c16801a7e374662680fdba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 56056
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 zXfg4hXMjdr58Hv6pd1k23XmFtf248VSV_Pfry2Kt1OWFW6b3vbgVnJzw8CvDrBaVqB4PajpqcC3xsvpUCYT0p8i=w680
lh5.googleusercontent.com/proxy/ 29 KB
30 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/zXfg4hXMjdr58Hv6pd1k23XmFtf248VSV_Pfry2Kt1OWFW6b3vbgVnJzw8CvDrBaVqB4PajpqcC3xsvpUCYT0p8i=w680

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

71eaa76eae5c239baef17964a14c0163eddfa8fd057e77db3a3ed2d757bdbf7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
server: fife
status: 200
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30180
x-xss-protection: 0
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 1581142129079627300_73.webp
1.bp.blogspot.com/-zmmDTLpIfGs/XoLO1Vk0dMI/AAAAAAAACWA/k_k8g5fqSPsIOiE3qIYJ3krlE0_JicstgCNcBGAsYHQ/w680/ 29 KB
29 KB 23ms
19ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zmmDTLpIfGs/XoLO1Vk0dMI/AAAAAAAACWA/k_k8g5fqSPsIOiE3qIYJ3krlE0_JicstgCNcBGAsYHQ/w680/1581142129079627300_73.webp

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7836e524ef863316c883bc19d703a7ff3211a549297e9fdd6dd1f16f2633da95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="1581142129079627300_73.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29956
x-xss-protection: 0
server: fife
etag: "v961"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 follow-us-on-instagram-for-all-the-latest-news-774801.png
1.bp.blogspot.com/-0x9cPMuoHvI/XoSNnkrfSDI/AAAAAAAACaY/fMEElSKo_PU_wnAWz8DZnak9_Lm4l8K4wCNcBGAsYHQ/s1600/ 115 KB
116 KB 175ms
171ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0x9cPMuoHvI/XoSNnkrfSDI/AAAAAAAACaY/fMEElSKo_PU_wnAWz8DZnak9_Lm4l8K4wCNcBGAsYHQ/s1600/follow-us-on-instagram-for-all-the-latest-news-774801.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce953a937de74c5d3cf3735e4265af835bd09246677b608797bbf35224f91ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="follow-us-on-instagram-for-all-the-latest-news-774801.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 118179
x-xss-protection: 0
server: fife
etag: "v9a7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1760849
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Mar 2021 08:36:09 GMT

GET
H/1.1 200
OK cookienotice.js Show response
www.gamingtipsbygd.com/js/ 6 KB
2 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:824::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.gamingtipsbygd.com/js/cookienotice.js

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 04:06:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Apr 2020 23:23:40 GMT
Server: sffe
Age: 49017
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Expires: Fri, 24 Apr 2020 04:06:42 GMT

GET
H2 200 2033457468-widgets.js Show response
www.blogger.com/static/v1/widgets/ 141 KB
52 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:81d::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2033457468-widgets.js

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4888cd9cafc5f8610410a59dccba5deb4461ba3fce4f6afbbbda0206519b4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 04:56:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Apr 2020 04:20:55 GMT
server: sffe
age: 46052
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 53112
x-xss-protection: 0
expires: Sat, 17 Apr 2021 04:56:07 GMT

GET
H/1.1 200
OK /
www.gamingtipsbygd.com/ 64 KB
64 KB 172ms
170ms Image
text/html 2a00:1450:4001:824::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.gamingtipsbygd.com/

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Apr 2020 07:39:22 GMT
Server: GSE
ETag: W/"50ac8bd1ecf75891a8daff6cb65729824c13a22e32610a674ea7980b3e0b5460"
Content-Type: text/html; charset=UTF-8
Cache-Control: private, max-age=0
Content-Length: 35479
X-XSS-Protection: 1; mode=block
Expires: Fri, 17 Apr 2020 17:43:39 GMT

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 11ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://www.gamingtipsbygd.com

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Origin: http://www.gamingtipsbygd.com

Response headers

Date: Fri, 03 Apr 2020 02:38:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 19:31:11 GMT
Server: sffe
Age: 1263882
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9080
X-XSS-Protection: 0
Expires: Sat, 03 Apr 2021 02:38:57 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v17/ 14 KB
14 KB 46ms
35ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/
Origin: http://www.gamingtipsbygd.com

Response headers

Date: Sat, 04 Apr 2020 11:58:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 19:30:45 GMT
Server: sffe
Age: 1143887
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14380
X-XSS-Protection: 0
Expires: Sun, 04 Apr 2021 11:58:52 GMT

GET
H/1.1 200
OK mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 45ms
35ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
Origin: http://www.gamingtipsbygd.com

Response headers

Date: Sat, 28 Mar 2020 03:05:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jul 2019 19:31:02 GMT
Server: sffe
Age: 1780694
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9728
X-XSS-Protection: 0
Expires: Sun, 28 Mar 2021 03:05:25 GMT

GET
H/1.1 200
OK summary Show response
www.gamingtipsbygd.com/feeds/posts/ 4 KB
2 KB 177ms
176ms Script
text/javascript 2a00:1450:4001:824::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.gamingtipsbygd.com/feeds/posts/summary?max-results=1&alt=json-in-script&callback=dataFeed

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

425a13710d7c6d1299d63a0cbe90a569d2b292c6befea7b45b8c374115605d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Apr 2020 07:39:22 GMT
Server: blogger-renderd
Age: 0
ETag: W/"9d27ea6737684b979c13473241c4eb65c72840fcc015e6f41be2accc1e3cbfaf"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Content-Length: 1545
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 17:43:40 GMT

GET
H/1.1 200
OK fac.php
ofgogoatan.com/ Frame 3C56 0
0 32ms
31ms Document
text/html 188.72.202.11
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://ofgogoatan.com/fac.php

Requested by

Host: ofgogoatan.com
URL: http://ofgogoatan.com/apu.php?zoneid=3181695

Protocol

HTTP/1.1

Server

188.72.202.11 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: ofgogoatan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.gamingtipsbygd.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: OAID=6d364863baca4d5b919b9a9b079500d4; oaidts=1587145419
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

Server: nginx
Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Type: text/html; charset=utf8
Content-Length: 203
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 54f0de1bc2036fed5ccd07990f84c550
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK zone Show response
pushsar.com/ 666 B
1 KB 28ms
27ms Fetch
application/json 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/zone?pub=0&zone_id=2975885&is_mobile=false&domain=www.gamingtipsbygd.com&var=&ymid=

Requested by

Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=2975885

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

65055aa0d502b4e436a24db4a0c896650bbddaf5e0abdf2511b2b81b91842732

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: 63587883d039daabb3a240038601fcd7
Date: Fri, 17 Apr 2020 17:43:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 666

GET
H/1.1 200
OK universal.min.js Show response
pushsar.com/pfe/current/ 138 KB
42 KB 111ms
38ms Fetch
application/javascript 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/universal.min.js?v=3.1.209
Requested by: Host: pushsar.com
URL: https://pushsar.com/pfe/current/tag.min.js?z=2975885
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3dd8697d6ee4f0565a8999da1e3de67eb48faeb203feadac8fc9a9b57f8b4180

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Apr 2020 20:15:29 GMT
Server: nginx
ETag: W/"5e976b61-227cc"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

540e24a0ccdedcadf9a0d56e34ce91f07a94993a38995b9a3ea2adba1de644b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5L0l6Yn4GmqzmfHDBIIbrw==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1781
etag: "f8641eb41423656b7a01ac3cbacaeec0"
x-fb-debug: gIYCKnmLTKARtNCw2FLcoZdrb0I5jCtOcibcp3IvZ5AbOXmRlg6WBFmDCzqL3qjzbYnHK6MigpPy8tIFXSW71w==
x-fb-trip-id: 420120009
x-fb-content-md5: 7f8f8eeba959e1c6d898b9adc6036b7a
x-frame-options: DENY
date: Fri, 17 Apr 2020 17:43:39 GMT, Fri, 17 Apr 2020 17:43:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Apr 2020 17:49:35 GMT

GET
H2

200

w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/ Frame 183F
Redirect Chain

https://kayakm.com/supply/register?iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
https://gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html

0
0

85ms
58ms

Document
text/html

2606:4700:3034::681b:8af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: gitoku.com
:scheme: https
:path: /register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d806cc0734112b050fb3c29cafa184b5a1587145419; expires=Sun, 17-May-20 17:43:39 GMT; path=/; domain=.gitoku.com; HttpOnly; SameSite=Lax; Secure __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; expires=Sat, 17-Apr-2021 17:43:39 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=none __cf_bm=713bd27ddc007d9f63813d4b99b099d1f2980989-1587145419-1800-Ae9XyMP3VrpAhdI6PTfbdXRRdU4+VhkyWUxUzX1+V8MRC4XiYT7O6n4s2EC3NlNrOPC3IGQExftBF3afJdgVhcE=; path=/; expires=Fri, 17-Apr-20 18:13:39 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding Accept-Encoding
cache-control: max-age=0, private, s-maxage=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f3187f501f3d-FRA
content-encoding: br
cf-request-id: 022ad6434a00001f3d7622f200000001

Redirect headers

status: 302
date: Fri, 17 Apr 2020 17:43:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d05280fd717b5c740a04dc5702fe5fade1587145419; expires=Sun, 17-May-20 17:43:39 GMT; path=/; domain=.kayakm.com; HttpOnly; SameSite=Lax; Secure tid=ZiOuu1cEzHvET4TCLXmxH6N84tWy3g; expires=Sun, 17-May-2020 17:43:39 GMT; Max-Age=2592000; path=/; domain=kayakm.com; secure; httponly; samesite=none __cf_bm=1db3febffd60e33007d1e7caecba14b219a71e23-1587145419-1800-AezuASIvcRNajw7YvVfzxeiYvNg8x9ahX4W4nMRWhRc+Iay9psn0AIdiFPUyioSPCKJEgglKqRjLQpBsj8yl6YI=; path=/; expires=Fri, 17-Apr-20 18:13:39 GMT; domain=.kayakm.com; HttpOnly; Secure; SameSite=None
cache-control: max-age=0, no-transform, private
p3p: CP="CAO PSA OUR"
etag: "3rLV4nyjH7F5LcKET8R7zARXu64jZg"
last-modified: Fri, 17 Apr 2020 17:43:39 GMT
location: https://gitoku.com/register/_fa7cdd4c68507744/ZiOuu1cEzHvET4TCLXmxH6N84tWy3g/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f317fa891f41-FRA
cf-request-id: 022ad642fb00001f41dab91200000001

GET
H/1.1 200
OK default Show response
www.gamingtipsbygd.com/feeds/posts/ 60 KB
8 KB 179ms
179ms XHR
text/javascript 2a00:1450:4001:824::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.gamingtipsbygd.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112405313385114691866_1587145419075&_=1587145419076

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

9e0ce22849f206c56f3b10c88d02a344ea3275133b178ff09d71effec8c243a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://www.gamingtipsbygd.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Apr 2020 07:39:22 GMT
Server: blogger-renderd
ETag: W/"b7d32c946ff49beb3ea2b16c684d8852e88da5f558792b6c82c5ff83bc5d7c9c"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
Vary: Accept-Encoding
Content-Length: 7268
X-XSS-Protection: 0
Expires: Fri, 17 Apr 2020 17:43:40 GMT

GET
H2 200 find Show response
kayakm.com/supply/ 4 KB
1 KB 136ms
136ms XHR
application/json 2606:4700:3033::681f:45bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kayakm.com/supply/find?aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwCjIJMzIwDTMJMTAwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQKMgkzMjANMwkxMDANOAkyNGMzNmM3YTNkZDc0YmU5YWY3OTViODg2YmQ4M2NiNAoyCTMyMA0zCTEwMA04CWZlZDhjY2E0YTJhNjRmZWVhNDc5OWZiZjkwMTNiMjRlCjIJMzIwDTMJNTANOAlmNTczY2FjN2U4Mjc0YmQxYjAyMzRmMDA5NjEwYmViNwoyCTMyMA0zCTUwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjcKMgk3MjgNMwk5MA04CTg5MDA1OWViODg2NDQwZjliNmZmYzhkYTQzODMwOTcw
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681f:45bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3760bf9588add8c22f588e07c652abb494df8cdc79a69e94784aa64f5a6d9fbb

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: http://www.gamingtipsbygd.com
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 5857f3181af71f41-FRA
cf-request-id: 022ad6431100001f41dab93200000001

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 391 KB
114 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8a313f8f4a79c0433868cce33522697b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d20a506ce6117a725f5cc366d97ad63557582d3c216dcc6e79cc79254f734e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/
Origin: http://www.gamingtipsbygd.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pvyPDs34TJEGIG5DTT9/Tw==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 116249
etag: "56532230f2b2c5c252817acda9374716"
x-fb-debug: dfTFoGCv5eQiKfVeJ20Z0EPnSY4+GOhymJowt55xfH+KjvO1Th1kkLdb3yvclDenY1RC/HGnFCiltBx9pnAdJw==
x-fb-trip-id: 420120009
x-fb-content-md5: 05a4c16d92939b5e404645eef38770b9
x-frame-options: DENY
date: Fri, 17 Apr 2020 17:43:39 GMT, Fri, 17 Apr 2020 17:43:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 17 Apr 2021 17:29:35 GMT

POST
H/1.1 200
OK custom Show response
pushsar.com/ 39 B
496 B 27ms
26ms Fetch
application/json 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d6d87cd52690867b3c728630f6cc93cf
Date: Fri, 17 Apr 2020 17:43:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
779 B 29ms
29ms Fetch
application/json 188.42.160.79
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=fc4db856288442f3bcce6e99e4549528&zoneId=2975885&checkDuplicate=true&ymid=&var=

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

bcc2d213ecf5fdad199d043ef7f02caf8c45e64560ec3241b24cd6c993da07dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 17:43:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 511d7163.html
gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/ Frame 151B 0
0 48ms
47ms Document
text/html 2606:4700:3034::681b:8af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/511d7163.html
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: gitoku.com
:scheme: https
:path: /re/469c8f7116171953fa45f6a0b0e45922/511d7163.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; __cf_bm=713bd27ddc007d9f63813d4b99b099d1f2980989-1587145419-1800-Ae9XyMP3VrpAhdI6PTfbdXRRdU4+VhkyWUxUzX1+V8MRC4XiYT7O6n4s2EC3NlNrOPC3IGQExftBF3afJdgVhcE=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d806cc0734112b050fb3c29cafa184b5a1587145419; expires=Sun, 17-May-20 17:43:39 GMT; path=/; domain=.gitoku.com; HttpOnly; SameSite=Lax; Secure __cf_bm=72e995e2fcb3e0660dcbf04234b1b64678408956-1587145419-1800-AX6atTXoOdo3y2T+BojohtiODQy4orkPFEJL+T8jXvZFjHa6svuJDRsYxdQu5TnoqS6LRavGcX0HxwSnHkycvlA=; path=/; expires=Fri, 17-Apr-20 18:13:39 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f31908bd1f3d-FRA
content-encoding: br
cf-request-id: 022ad643a200001f3d76235200000001

GET
H2 200 bb8386e1.html
gitoku.com/fg/469c8f7116171953fa45f6a0b0e45922/ Frame 4341 0
0 40ms
38ms Document
text/html 2606:4700:3034::681b:8af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitoku.com/fg/469c8f7116171953fa45f6a0b0e45922/bb8386e1.html
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: gitoku.com
:scheme: https
:path: /fg/469c8f7116171953fa45f6a0b0e45922/bb8386e1.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; __cf_bm=713bd27ddc007d9f63813d4b99b099d1f2980989-1587145419-1800-Ae9XyMP3VrpAhdI6PTfbdXRRdU4+VhkyWUxUzX1+V8MRC4XiYT7O6n4s2EC3NlNrOPC3IGQExftBF3afJdgVhcE=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d806cc0734112b050fb3c29cafa184b5a1587145419; expires=Sun, 17-May-20 17:43:39 GMT; path=/; domain=.gitoku.com; HttpOnly; SameSite=Lax; Secure __cf_bm=298ab7739a30d30ef41d220b87fbddea308b818b-1587145419-1800-ARrALUaZLMWcU9PmuYrb6PjjBccyvhz7DcxIZq9UTLa3bNLGYxmLgB9TrC6tGhI7xAMulsuJtFuMfk5x2Vx7dMQ=; path=/; expires=Fri, 17-Apr-20 18:13:39 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f31908c81f3d-FRA
content-encoding: br
cf-request-id: 022ad643a600001f3d76237200000001

GET
H/1.1 200
OK defaultSkin.min.js Show response
pushsar.com/pfe/current/ 56 KB
19 KB 29ms
27ms Fetch
application/javascript 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://pushsar.com/pfe/current/defaultSkin.min.js
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 17:43:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Apr 2020 20:15:29 GMT
Server: nginx
ETag: W/"5e976b61-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 x3c87509a70524d1db8b50895a548dc3e.doc Show response
cardmrket.com/serve/ 252 KB
187 KB 111ms
85ms XHR
text/html 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/x3c87509a70524d1db8b50895a548dc3e.doc?v=f755
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b9479669d060f66998cca860c2633803225dcf5d0841f49347cb81b08d0678

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 06 Dec 2019 13:25:39 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b1b1f2d-FRA
content-length: 191214
cf-request-id: 022ad643bf00001f2dc68f0200000001

GET
H2 200 x8cbf77f80777482789ce0ccd91de44a9.doc Show response
cardmrket.com/serve/ 40 KB
41 KB 96ms
70ms XHR
image/png 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/x8cbf77f80777482789ce0ccd91de44a9.doc?v=5637
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5d98c8ae7a86dd2748bc3a24caaa674bbd80f5766bbe2ed74cb51adeb73bb4

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Apr 2020 15:58:48 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b1f1f2d-FRA
content-length: 41213
cf-request-id: 022ad643bf00001f2dc68f1200000001

GET
H2 200 x8cbf77f80777482789ce0ccd91de44a9.doc Show response
cardmrket.com/serve/ 40 KB
41 KB 101ms
76ms XHR
image/png 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/x8cbf77f80777482789ce0ccd91de44a9.doc?v=5637
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5d98c8ae7a86dd2748bc3a24caaa674bbd80f5766bbe2ed74cb51adeb73bb4

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Apr 2020 15:58:48 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b221f2d-FRA
content-length: 41213
cf-request-id: 022ad643bf00001f2dc68f2200000001

GET
H2 200 x9f00dc64e8e6420fa140ccdb4e818223.doc Show response
cardmrket.com/serve/ 247 KB
184 KB 105ms
80ms XHR
text/html 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/x9f00dc64e8e6420fa140ccdb4e818223.doc?v=223c
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40037dd6093f9d425231c53be986827b4bb0757e55fc6af88f81fa6dce2883c2

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 08 Oct 2019 11:52:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b271f2d-FRA
content-length: 187683
cf-request-id: 022ad643bf00001f2dc68f3200000001

GET
H2 200 x9f00dc64e8e6420fa140ccdb4e818223.doc Show response
cardmrket.com/serve/ 247 KB
184 KB 173ms
148ms XHR
text/html 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/x9f00dc64e8e6420fa140ccdb4e818223.doc?v=223c
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40037dd6093f9d425231c53be986827b4bb0757e55fc6af88f81fa6dce2883c2

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 08 Oct 2019 11:52:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b2a1f2d-FRA
content-length: 187683
cf-request-id: 022ad643bf00001f2dc68f4200000001

GET
H2 200 xa8b2c1a7c0554a4b8d088712f0849c17.doc Show response
cardmrket.com/serve/ 27 KB
27 KB 170ms
145ms XHR
image/png 2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/serve/xa8b2c1a7c0554a4b8d088712f0849c17.doc?v=ca17
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13659d00e02eacd3c9426e52e21eee62b72321514a4bd31e306f5400f423ed5d

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 16 Apr 2020 15:58:48 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges: bytes
cf-ray: 5857f3193b301f2d-FRA
content-length: 27423
cf-request-id: 022ad643bf00001f2dc68f5200000001

GET
H2 200 IMG_20200414_130751.jpg
1.bp.blogspot.com/-tK0suS58Ni4/XpVodClSICI/AAAAAAAACeY/xp14iRuZR9EsoxkyUV101bGbqpw3khDXACNcBGAsYHQ/s320/ 21 KB
21 KB 45ms
38ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-tK0suS58Ni4/XpVodClSICI/AAAAAAAACeY/xp14iRuZR9EsoxkyUV101bGbqpw3khDXACNcBGAsYHQ/s320/IMG_20200414_130751.jpg

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f22483d990c92212018604aaa8c3696ed523caa7a299fd4254f7e2443cf74b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="IMG_20200414_130751.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 21825
x-xss-protection: 0
server: fife
etag: "v9eb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 Screenshot_2020-04-14-13-05-07-501_com.mxtech.videoplayer.ad.png
1.bp.blogspot.com/-wmunGpHKl1U/XpVodl4RFII/AAAAAAAACec/veGDYcVk7qgOQ_prkN2Ek1yXJXXGlvxbQCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHN... 68 KB
68 KB 25ms
18ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wmunGpHKl1U/XpVodl4RFII/AAAAAAAACec/veGDYcVk7qgOQ_prkN2Ek1yXJXXGlvxbQCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHNtHLybd8eYZxy8xSSLFoh4BYFebmNFdtO-3B6zzsq1I2HuF2pgzq0t2dKwH6ST86Ysgd6ba-jwGfA0gpE0DhGBBtoQbkhlJ0PzWHRb8IV4Xj8Ue9IwjuP-9ZNGJMJtNIuKePt10PQQ4eK4axPpcv6LSrIf7Tq0gpnPXt6KJojucgCV-6f-FAopInlvZTB9GXg4tuIjcylykSoH11CdvoxC61A9gOP5xD2MgTs0v44VJxT77-Jbg2_BIWkUca7CRA_J4ioI0BUhz-MWlK_hTVio6E-0or0LXM6KTgjo2PJdx7OHgmv8LTuFpCW559sZJmmaAJ2HCto3xTy6J0Ozb9eLQP-_shx5yvQ2kHg5oJZLPKeFsSy7Chc_zCCiyzuCmZZhY_TVY2TLmv7zwFWrlkg-3GAnhQBXsYHRb2SIwlWxVmTDjXzzfszeFF_ekyP6iHeXONGRPg6aVVMyKJ021DC1VCer3sDx6hSba_utTnZi7kuNiWsCWx6I0x25vHBTqe3ETdgQgCMPTV1fQF/s320/Screenshot_2020-04-14-13-05-07-501_com.mxtech.videoplayer.ad.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a201fda6b533eef374bd64e68d4ebe14390b3267312d60cafbb1876dcab60a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Screenshot_2020-04-14-13-05-07-501_com.mxtech.videoplayer.ad.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 69814
x-xss-protection: 0
server: fife
etag: "v9ec"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 Screenshot_2020-04-14-13-05-30-404_com.mxtech.videoplayer.ad.png
1.bp.blogspot.com/-LEZLiKRGDg0/XpVodvntZ_I/AAAAAAAACeg/ZSZMu2yVJVwPy1Z6ThfmO2_0QF6SMAdSQCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHN... 71 KB
71 KB 52ms
45ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LEZLiKRGDg0/XpVodvntZ_I/AAAAAAAACeg/ZSZMu2yVJVwPy1Z6ThfmO2_0QF6SMAdSQCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHNtHLybd8eYZxy8xSSLFoh4BYFebmNFdtO-3B6zzsq1I2HuF2pgzq0t2dKwH6ST86Ysgd6ba-jwGfA0gpE0DhGBBtoQbkhlJ0PzWHRb8IV4Xj8Ue9IwjuP-9ZNGJMJtNIuKePt10PQQ4eK4axPpcv6LSrIf7Tq0gpnPXt6KJojucgCV-6f-FAopInlvZTB9GXg4tuIjcylykSoH11CdvoxC61A9gOP5xD2MgTs0v44VJxT77-Jbg2_BIWkUca7CRA_J4ioI0BUhz-MWlK_hTVio6E-0or0LXM6KTgjo2PJdx7OHgmv8LTuFpCW559sZJmmaAJ2HCto3xTy6J0Ozb9eLQP-_shx5yvQ2kHg5oJZLPKeFsSy7Chc_zCCiyzuCmZZhY_TVY2TLmv7zwFWrlkg-3GAnhQBXsYHRb2SIwlWxVmTDjXzzfszeFF_ekyP6iHeXONGRPg6aVVMyKJ021DC1VCer3sDx6hSba_utTnZi7kuNiWsCWx6I0x25vHBTqe3ETdgQgCMPTV1fQF/s320/Screenshot_2020-04-14-13-05-30-404_com.mxtech.videoplayer.ad.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ff059ce12ff130a0abe617bea2b8fd6cac7554f7631b04ac4d919d4acb511da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Screenshot_2020-04-14-13-05-30-404_com.mxtech.videoplayer.ad.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 73014
x-xss-protection: 0
server: fife
etag: "v9ed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 18 Apr 2020 17:43:39 GMT

GET
H2 200 Screenshot_2020-04-14-13-06-05-712_com.mxtech.videoplayer.ad.png
1.bp.blogspot.com/-qqXsSQ3h5u8/XpVoeWNFrTI/AAAAAAAACek/a3xnCu8eOH4QxhRUv24U_NV9j4G0Pp-HgCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHN... 92 KB
92 KB 46ms
39ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-qqXsSQ3h5u8/XpVoeWNFrTI/AAAAAAAACek/a3xnCu8eOH4QxhRUv24U_NV9j4G0Pp-HgCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHNtHLybd8eYZxy8xSSLFoh4BYFebmNFdtO-3B6zzsq1I2HuF2pgzq0t2dKwH6ST86Ysgd6ba-jwGfA0gpE0DhGBBtoQbkhlJ0PzWHRb8IV4Xj8Ue9IwjuP-9ZNGJMJtNIuKePt10PQQ4eK4axPpcv6LSrIf7Tq0gpnPXt6KJojucgCV-6f-FAopInlvZTB9GXg4tuIjcylykSoH11CdvoxC61A9gOP5xD2MgTs0v44VJxT77-Jbg2_BIWkUca7CRA_J4ioI0BUhz-MWlK_hTVio6E-0or0LXM6KTgjo2PJdx7OHgmv8LTuFpCW559sZJmmaAJ2HCto3xTy6J0Ozb9eLQP-_shx5yvQ2kHg5oJZLPKeFsSy7Chc_zCCiyzuCmZZhY_TVY2TLmv7zwFWrlkg-3GAnhQBXsYHRb2SIwlWxVmTDjXzzfszeFF_ekyP6iHeXONGRPg6aVVMyKJ021DC1VCer3sDx6hSba_utTnZi7kuNiWsCWx6I0x25vHBTqe3ETdgQgCMPTV1fQF/s320/Screenshot_2020-04-14-13-06-05-712_com.mxtech.videoplayer.ad.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f51482c15752224512158a60cbeaf7dc513737ece2d43bcae4361895b1e22fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="Screenshot_2020-04-14-13-06-05-712_com.mxtech.videoplayer.ad.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94402
x-xss-protection: 0
server: fife
etag: "v9ed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Apr 2020 14:24:32 GMT

GET
H2 200 Screenshot_2020-04-14-13-06-15-616_com.mxtech.videoplayer.ad.png
1.bp.blogspot.com/-0eOvAc7ZIjE/XpVoeylH27I/AAAAAAAACeo/hGZMicoBwlEYAwFyCWVu2_n1hmN2_GjjgCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHN... 92 KB
92 KB 26ms
20ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-0eOvAc7ZIjE/XpVoeylH27I/AAAAAAAACeo/hGZMicoBwlEYAwFyCWVu2_n1hmN2_GjjgCEwYBhgLKs4DAMBZVoBfkflRJ-DAopBeSyeuLn4Q5FmSpBC3t-qDPhsMibFR4GZRBFmnRAD0jdgkP1nPneS8scY0k0QtgStoBkTzDp-2srTHNtHLybd8eYZxy8xSSLFoh4BYFebmNFdtO-3B6zzsq1I2HuF2pgzq0t2dKwH6ST86Ysgd6ba-jwGfA0gpE0DhGBBtoQbkhlJ0PzWHRb8IV4Xj8Ue9IwjuP-9ZNGJMJtNIuKePt10PQQ4eK4axPpcv6LSrIf7Tq0gpnPXt6KJojucgCV-6f-FAopInlvZTB9GXg4tuIjcylykSoH11CdvoxC61A9gOP5xD2MgTs0v44VJxT77-Jbg2_BIWkUca7CRA_J4ioI0BUhz-MWlK_hTVio6E-0or0LXM6KTgjo2PJdx7OHgmv8LTuFpCW559sZJmmaAJ2HCto3xTy6J0Ozb9eLQP-_shx5yvQ2kHg5oJZLPKeFsSy7Chc_zCCiyzuCmZZhY_TVY2TLmv7zwFWrlkg-3GAnhQBXsYHRb2SIwlWxVmTDjXzzfszeFF_ekyP6iHeXONGRPg6aVVMyKJ021DC1VCer3sDx6hSba_utTnZi7kuNiWsCWx6I0x25vHBTqe3ETdgQgCMPTV1fQF/s320/Screenshot_2020-04-14-13-06-15-616_com.mxtech.videoplayer.ad.png

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

058e37c736af261163691e659b78e91f6ed9ec1feb9ba2d6ed483bda305b698a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: inline;filename="Screenshot_2020-04-14-13-06-15-616_com.mxtech.videoplayer.ad.png"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94115
x-xss-protection: 0
server: fife
etag: "v9ee"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 16 Apr 2020 14:24:33 GMT

GET
H2 200 ccd4d7587df035bda3ba5770b6310373.jpg
imagetot.com/images/2020/04/07/ 123 KB
123 KB 96ms
29ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/ccd4d7587df035bda3ba5770b6310373.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56f4c1f76ee19cd82ae6c2d79330ddb70e0ca3c87d051453107762eabeb928c

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 833659
status: 200
content-length: 126159
cf-request-id: 022ad643fc00000eb74ab9c200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:03:46 GMT
server: cloudflare
etag: "5e8d3102-1eccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199efe0eb7-FRA
expires: Fri, 08 May 2020 02:09:20 GMT

GET
H2 200 59096172112ac8d0a77d043a87fd56c2.jpg
imagetot.com/images/2020/04/07/ 68 KB
68 KB 160ms
94ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/59096172112ac8d0a77d043a87fd56c2.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecb38f448a3719e9f2374aa89ac8c7d57103441326167995768a5e09277bbd9

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 70716
status: 200
content-length: 69747
cf-request-id: 022ad643fc00000eb74ab9d200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:00:46 GMT
server: cloudflare
etag: "5e8d304e-11073"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199f050eb7-FRA
expires: Sat, 16 May 2020 22:05:03 GMT

GET
H2 200 350c9b0a16282dfa916917356dc29c3f.jpg
imagetot.com/images/2020/04/07/ 54 KB
55 KB 85ms
19ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/350c9b0a16282dfa916917356dc29c3f.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5806870ad5cc460470b6529465b5ec73f2b01f2ade876f96b6e9a2db7bcc7e8

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 53041
status: 200
content-length: 55435
cf-request-id: 022ad643fc00000eb74ab9e200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:00:46 GMT
server: cloudflare
etag: "5e8d304e-d88b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199f0a0eb7-FRA
expires: Sun, 17 May 2020 02:59:38 GMT

GET
H2 200 4144f4433af4b1550f5085576c51f237.jpg
imagetot.com/images/2020/04/07/ 57 KB
57 KB 94ms
28ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/4144f4433af4b1550f5085576c51f237.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f033bf3b5adc786a3ec2b2184c26c57b76653b03d1f67b3a2a26d6a2dcda81

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 53041
status: 200
content-length: 58237
cf-request-id: 022ad643fc00000eb74ab9f200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:00:46 GMT
server: cloudflare
etag: "5e8d304e-e37d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199f0d0eb7-FRA
expires: Sun, 17 May 2020 02:59:38 GMT

GET
H2 200 5bb3f9c34801e3df6bf023a43f720370.jpg
imagetot.com/images/2020/04/07/ 57 KB
57 KB 143ms
78ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/5bb3f9c34801e3df6bf023a43f720370.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a6c18762e27a0036a2b528db2bb07293f800a0670984a5a1cc4778bce39523

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 53041
status: 200
content-length: 58226
cf-request-id: 022ad643fc00000eb74aba0200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:00:47 GMT
server: cloudflare
etag: "5e8d304f-e372"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199f110eb7-FRA
expires: Sun, 17 May 2020 02:59:38 GMT

GET
H2 200 47d3e693ad6cefb30829cb4f1b7fd517.jpg
imagetot.com/images/2020/04/07/ 81 KB
81 KB 98ms
32ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/07/47d3e693ad6cefb30829cb4f1b7fd517.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b8c7d104b455576a7e61973d2a6096e9d5e81b1f32a901b8df28ddf3a0bd80

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 53041
status: 200
content-length: 82472
cf-request-id: 022ad643fc00000eb74aba1200000001
pragma: public
last-modified: Wed, 08 Apr 2020 02:00:47 GMT
server: cloudflare
etag: "5e8d304f-14228"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199f150eb7-FRA
expires: Sun, 17 May 2020 02:59:38 GMT

GET
H2 200 197767ac9a9e17109eef868ce7f22ab1.jpg
imagetot.com/images/2020/04/06/ 169 KB
169 KB 88ms
77ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/197767ac9a9e17109eef868ce7f22ab1.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55339e457dc9b6ab2231bd49fe751a69f1143f51804f20b4c5441ed127769d4

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 916634
status: 200
content-length: 172975
cf-request-id: 022ad643fc00000eb74ab9b200000001
pragma: public
last-modified: Tue, 07 Apr 2020 02:55:14 GMT
server: cloudflare
etag: "5e8beb92-2a3af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f3199ef90eb7-FRA
expires: Thu, 07 May 2020 03:06:25 GMT

GET
H2 200 345ed90102518a2f03f230a63ec811a2.jpg
imagetot.com/images/2020/04/06/ 39 KB
39 KB 76ms
75ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/345ed90102518a2f03f230a63ec811a2.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a3e95979d2bb524efb4890e4964b62e6e8908df46492369a8e0573188d12e

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: MISS
status: 200
content-length: 39528
cf-request-id: 022ad6440c00000eb74aba7200000001
pragma: public
last-modified: Tue, 07 Apr 2020 03:02:17 GMT
server: cloudflare
etag: "5e8bed39-9a68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f319af540eb7-FRA
expires: Sun, 17 May 2020 17:43:39 GMT

GET
H2 200 133e4e64d3868d58f414de8172d7ef12.jpg
imagetot.com/images/2020/04/06/ 56 KB
56 KB 67ms
66ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/133e4e64d3868d58f414de8172d7ef12.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc6153a7d037c0a5fdb30a2ef380eba84576daed6d3e94b37dbaf293c557a3d

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 916634
status: 200
content-length: 56891
cf-request-id: 022ad6440c00000eb74aba8200000001
pragma: public
last-modified: Tue, 07 Apr 2020 03:02:17 GMT
server: cloudflare
etag: "5e8bed39-de3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f319af550eb7-FRA
expires: Thu, 07 May 2020 03:06:25 GMT

GET
H2 200 98a80c93d2fd9cee4182c895df34a588.jpg
imagetot.com/images/2020/04/06/ 88 KB
88 KB 82ms
81ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/98a80c93d2fd9cee4182c895df34a588.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c749b1b3aec467717beaa35555d368a3cdf50831b2fae15855e5282d6ed1de50

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: MISS
status: 200
content-length: 89880
cf-request-id: 022ad6440c00000eb74aba9200000001
pragma: public
last-modified: Tue, 07 Apr 2020 03:02:17 GMT
server: cloudflare
etag: "5e8bed39-15f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f319af590eb7-FRA
expires: Sun, 17 May 2020 17:43:39 GMT

GET
H2 200 91bb0a9efb10042d3a631343a81cd101.jpg
imagetot.com/images/2020/04/06/ 72 KB
72 KB 64ms
63ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/91bb0a9efb10042d3a631343a81cd101.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353147a820c25c1acc8bfa830ec8ecaade5d65d043230ba2c26393a528b4e1c1

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 916634
status: 200
content-length: 73319
cf-request-id: 022ad6440c00000eb74abaa200000001
pragma: public
last-modified: Tue, 07 Apr 2020 03:02:17 GMT
server: cloudflare
etag: "5e8bed39-11e67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f319af5c0eb7-FRA
expires: Thu, 07 May 2020 03:06:25 GMT

GET
H2 200 9ee9a6e37053b1d05ab4c9c79056eb1d.jpg
imagetot.com/images/2020/04/06/ 125 KB
126 KB 76ms
74ms Image
image/jpeg 2606:4700:3034::681c:1321
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagetot.com/images/2020/04/06/9ee9a6e37053b1d05ab4c9c79056eb1d.jpg
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681c:1321 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5cc6a4a2e5050c8bfa13b742348efbb1be09ba0c510106364bf707ba4f5124

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 17:43:39 GMT
cf-cache-status: HIT
age: 916634
status: 200
content-length: 128456
cf-request-id: 022ad6440c00000eb74abab200000001
pragma: public
last-modified: Tue, 07 Apr 2020 03:02:17 GMT
server: cloudflare
etag: "5e8bed39-1f5c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 5857f319af5f0eb7-FRA
expires: Thu, 07 May 2020 03:06:25 GMT

GET
DATA 200
OK truncated
/ Frame AEC4 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK custom Show response
pushsar.com/ 39 B
496 B 53ms
53ms Fetch
application/json 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ac40a0b7ee5df544359f5925ed0e0f81
Date: Fri, 17 Apr 2020 17:43:39 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
BLOB 200
OK b654ed23-cd49-4e3d-99fd-fd9f8c1f5739
http://www.gamingtipsbygd.com/ 40 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:http://www.gamingtipsbygd.com/b654ed23-cd49-4e3d-99fd-fd9f8c1f5739
Requested by: Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d5d98c8ae7a86dd2748bc3a24caaa674bbd80f5766bbe2ed74cb51adeb73bb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 41423
Content-Type: image/png

GET
BLOB 200
OK a75c27e6-d5c3-4d8c-bc28-3c9026775dba Show response
http://www.gamingtipsbygd.com/ Frame BA25 2 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/a75c27e6-d5c3-4d8c-bc28-3c9026775dba
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f90773c1845f50f79a9e1d395c0ae7a4c1c5687c53679bb781feb304fad49af9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 1904
Content-Type: text/html

GET
BLOB 200
OK d0273435-b32f-4792-ad6f-7a9845156f6c Show response
http://www.gamingtipsbygd.com/ Frame 5016 2 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/d0273435-b32f-4792-ad6f-7a9845156f6c
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d30373346a5677932f0772d396a3d34a459fe6eaba4ae0a3ea6faa17d3f4e63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 1904
Content-Type: text/html

GET
BLOB 200
OK c946bcd2-2e2f-405e-a36d-85d0b36a1364 Show response
http://www.gamingtipsbygd.com/ Frame 9EAB 2 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/c946bcd2-2e2f-405e-a36d-85d0b36a1364
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259bfd901885de1031276f471fabbea544f9cd93a895d02e5588d7fd0e1ef077

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 1904
Content-Type: text/html

GET
BLOB 200
OK f64d78c4-2a1a-4e18-be31-ff21706d67a1 Show response
http://www.gamingtipsbygd.com/ Frame 41F8 247 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/f64d78c4-2a1a-4e18-be31-ff21706d67a1
Requested by: Host: www.gamingtipsbygd.com
URL: blob:http://www.gamingtipsbygd.com/a75c27e6-d5c3-4d8c-bc28-3c9026775dba
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40037dd6093f9d425231c53be986827b4bb0757e55fc6af88f81fa6dce2883c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 253001
Content-Type: text/html

GET
BLOB 200
OK c21be7c7-a68c-47c8-9afe-74dac1597d60 Show response
http://www.gamingtipsbygd.com/ Frame 04D8 252 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/c21be7c7-a68c-47c8-9afe-74dac1597d60
Requested by: Host: www.gamingtipsbygd.com
URL: blob:http://www.gamingtipsbygd.com/d0273435-b32f-4792-ad6f-7a9845156f6c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94b9479669d060f66998cca860c2633803225dcf5d0841f49347cb81b08d0678

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 257634
Content-Type: text/html

GET
BLOB 200
OK 549e7322-a855-4cc9-87e9-6191de87dd47 Show response
http://www.gamingtipsbygd.com/ Frame 0997 247 KB
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.gamingtipsbygd.com/549e7322-a855-4cc9-87e9-6191de87dd47
Requested by: Host: www.gamingtipsbygd.com
URL: blob:http://www.gamingtipsbygd.com/c946bcd2-2e2f-405e-a36d-85d0b36a1364
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40037dd6093f9d425231c53be986827b4bb0757e55fc6af88f81fa6dce2883c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 253001
Content-Type: text/html

GET
DATA 200
OK truncated
/ Frame 41F8 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2bce75ccde2bc29eb4dad97f433b00236cf53660eef2b13cbfe5d340aea349

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 41F8 717 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b534fff8035d232ecaec3ca6ad67df6d37786fefef47a61f100ac6ff44bb5d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 04D8 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 054ba0ae61f2bd947939853f0ff95b7fef9010ef96fb612b1815af660aac5550

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 04D8 804 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f33d29d9902742a08fe6956fc3aa9b6945ef105671d33eae6ba5793f45f4ef9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0997 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b2bce75ccde2bc29eb4dad97f433b00236cf53660eef2b13cbfe5d340aea349

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0997 717 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b534fff8035d232ecaec3ca6ad67df6d37786fefef47a61f100ac6ff44bb5d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 41F8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98015804d6c612f02ec88978995603146e3525d0c78225a1fdc6d63ddf47c0af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 41F8 63 KB
63 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275679ffb2b6abe28f7636402008ed24426c8d84fdfca5aa7803ae407170356

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: null

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 41F8 68 KB
68 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2013945e077d5287e02dd14e8a29ceb880db9ff2aab1ae5c3f3f17d08fe5d6cd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: null

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 41F8 747 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 047c03ab40f81ffdc2e81de76156e106b083b4927cbf0607e2fcf2a5140a2697

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 41F8 36 KB
36 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: null

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 04D8 63 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275679ffb2b6abe28f7636402008ed24426c8d84fdfca5aa7803ae407170356

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 04D8 36 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 04D8 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff1ce9e2cac21231acc00899e043a2a504bae341c25ae368e3df485d243145fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 04D8 68 KB
68 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2013945e077d5287e02dd14e8a29ceb880db9ff2aab1ae5c3f3f17d08fe5d6cd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: null

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 04D8 724 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b6d07641fa37a119a8a9d7ac49073d3d75394b3fe3272beb7a8265146e70f2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0997 63 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275679ffb2b6abe28f7636402008ed24426c8d84fdfca5aa7803ae407170356

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 0997 36 KB
0 Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 0997 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98015804d6c612f02ec88978995603146e3525d0c78225a1fdc6d63ddf47c0af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0997 68 KB
68 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2013945e077d5287e02dd14e8a29ceb880db9ff2aab1ae5c3f3f17d08fe5d6cd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin: null

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ Frame 0997 747 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 047c03ab40f81ffdc2e81de76156e106b083b4927cbf0607e2fcf2a5140a2697

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

8cbf77f80777482789ce0ccd91de44a9
cardmrket.com/view/ Frame CB86
Redirect Chain

https://kayakm.com/l/n/view/5536f9ed8dd744deba0fe2e6fc7d3480?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOGNiZjc3ZjgwNzc3NDgyNzg5Y2UwY2NkOTFkZTQ0YTk&cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028...
https://cardmrket.com/view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcm...

0
0

107ms
57ms

Document
text/html

2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=224caaf2bac1812cfe6b93983fcca402&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cardmrket.com
:scheme: https
:path: /view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=224caaf2bac1812cfe6b93983fcca402&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4ab77f22b0a3d2239e42859346fb71b61587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.cardmrket.com; HttpOnly; SameSite=Lax; Secure tid=DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ; expires=Sun, 17-May-2020 17:43:40 GMT; Max-Age=2592000; path=/; domain=cardmrket.com; secure; httponly; samesite=none __cf_bm=0c3534a128958268eb030e46061ed47cbbd49d70-1587145421-1800-ATA1c9Wk3A6cInwrFRJUPBBMzut0TUPgqtgzminDrf7g60k8S1CxeoMpi5mCRi3UapJi+B53tTXaL5KS1uwco5E=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.cardmrket.com; HttpOnly; Secure; SameSite=None
cache-control: max-age=0, no-transform, private
p3p: CP="CAO PSA OUR"
etag: W/"xem9lKEN62u6N4ZREd4zJYNNIFbDDQ"
last-modified: Fri, 17 Apr 2020 17:43:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f320f903178e-FRA
cf-request-id: 022ad648980000178e0faff200000001

Redirect headers

status: 302
date: Fri, 17 Apr 2020 17:43:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27b586fdd402351c417f5de830cbe7f81587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.kayakm.com; HttpOnly; SameSite=Lax; Secure __cf_bm=6f25d2c00c24856cb6a73fe690d51090f4469896-1587145420-1800-Abwc5Tt66LRfjTWYuGZU9jSYd6Uwpezox3HzumcaivyKgB8HJZOIWzW14xzO3XIA5sSBKiwhel07al66wQtnGXM=; path=/; expires=Fri, 17-Apr-20 18:13:40 GMT; domain=.kayakm.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
location: https://cardmrket.com/view/8cbf77f80777482789ce0ccd91de44a9?cid=224caaf2bac1812cfe6b93983fcca400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZmVkOGNjYTRhMmE2NGZlZWE0Nzk5ZmJmOTAxM2IyNGU&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=224caaf2bac1812cfe6b93983fcca402&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f3206d251f41-FRA
cf-request-id: 022ad6483e00001f41da82f200000001

GET
H2

200

9f00dc64e8e6420fa140ccdb4e818223
cardmrket.com/view/ Frame B07C
Redirect Chain

https://kayakm.com/l/n/view/9a2265ac200e412ca3cce73282507634?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOWYwMGRjNjRlOGU2NDIwZmExNDBjY2RiNGU4MTgyMjM&cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028...
https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcm...

0
0

45ms
43ms

Document
text/html

2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=d6acf4cc020542c6509444fddca21e02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cardmrket.com
:scheme: https
:path: /view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=d6acf4cc020542c6509444fddca21e02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4ab77f22b0a3d2239e42859346fb71b61587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.cardmrket.com; HttpOnly; SameSite=Lax; Secure tid=DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ; expires=Sun, 17-May-2020 17:43:40 GMT; Max-Age=2592000; path=/; domain=cardmrket.com; secure; httponly; samesite=none __cf_bm=a53b7e3706e8b069ff2e6b3b23e999d743457559-1587145420-1800-AVOUwlO4BCT7GtKAdYDs2mAq3uK7Ru9X2p9uM8ipq44E1RIWeq0KIjvQ0tZYwvTf7dRiL6sJfWSJgd2OnkvvKEY=; path=/; expires=Fri, 17-Apr-20 18:13:40 GMT; domain=.cardmrket.com; HttpOnly; Secure; SameSite=None
cache-control: max-age=0, no-transform, private
p3p: CP="CAO PSA OUR"
etag: W/"xem9lKEN62u6N4ZREd4zJYNNIFbDDQ"
last-modified: Fri, 17 Apr 2020 17:43:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f320f907178e-FRA
cf-request-id: 022ad648990000178e0fb00200000001

Redirect headers

status: 302
date: Fri, 17 Apr 2020 17:43:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27b586fdd402351c417f5de830cbe7f81587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.kayakm.com; HttpOnly; SameSite=Lax; Secure __cf_bm=5575d61a108528317ba820561fef8cebc0b14281-1587145420-1800-AW2y3GuOeZbhmJsb/0JiT6/qyEq59Leyyszsjb78MsIH4ftbOYP1hM969tE6BPmAMjdCNGxi3Tr8qJheL8rw7KA=; path=/; expires=Fri, 17-Apr-20 18:13:40 GMT; domain=.kayakm.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
location: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=d6acf4cc020542c6509444fddca21e00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=d6acf4cc020542c6509444fddca21e02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f3209db51f41-FRA
cf-request-id: 022ad6486000001f41da832200000001

GET
H2

200

3c87509a70524d1db8b50895a548dc3e
cardmrket.com/view/ Frame B672
Redirect Chain

https://kayakm.com/l/n/view/2cd1370497ee44d1bc67ffba347dbbad?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvM2M4NzUwOWE3MDUyNGQxZGI4YjUwODk1YTU0OGRjM2U&cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028...
https://cardmrket.com/view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcm...

0
0

61ms
60ms

Document
text/html

2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=53895bc70df7df8872e3cc47f1aded02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cardmrket.com
:scheme: https
:path: /view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=53895bc70df7df8872e3cc47f1aded02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4ab77f22b0a3d2239e42859346fb71b61587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.cardmrket.com; HttpOnly; SameSite=Lax; Secure tid=DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ; expires=Sun, 17-May-2020 17:43:41 GMT; Max-Age=2592000; path=/; domain=cardmrket.com; secure; httponly; samesite=none __cf_bm=8701b3ef59a04819ec5a7cbd3af9ed038044c678-1587145421-1800-Ad/IpXEzByT/dFbXgaoiY0ATK6ESCwsKCizss0juJq1R6/6qkx6IKMPDW9nij7NURG+EtetuZAM50oz9M+HsyY4=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.cardmrket.com; HttpOnly; Secure; SameSite=None
cache-control: max-age=0, no-transform, private
p3p: CP="CAO PSA OUR"
etag: W/"xem9lKEN62u6N4ZREd4zJYNNIFbDDQ"
last-modified: Fri, 17 Apr 2020 17:43:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f321298e178e-FRA
cf-request-id: 022ad648bb0000178e0fb04200000001

Redirect headers

status: 302
date: Fri, 17 Apr 2020 17:43:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27b586fdd402351c417f5de830cbe7f81587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.kayakm.com; HttpOnly; SameSite=Lax; Secure __cf_bm=04fbbbcbecb97e8954f948f64f6b4068ec0caaee-1587145420-1800-AbyMhYmt0aawyZeU8RFTAoW4qkIOBWBotiyZlQFkF/zg8Xw0LIaOaLCkHEAAuAKgc2sYusZYroOo7cZcO2RUMYk=; path=/; expires=Fri, 17-Apr-20 18:13:40 GMT; domain=.kayakm.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
location: https://cardmrket.com/view/3c87509a70524d1db8b50895a548dc3e?cid=53895bc70df7df8872e3cc47f1aded00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJMjRjMzZjN2EzZGQ3NGJlOWFmNzk1Yjg4NmJkODNjYjQ&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=53895bc70df7df8872e3cc47f1aded02&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f320febd1f41-FRA
cf-request-id: 022ad6489700001f41da837200000001

GET
H2

200

9f00dc64e8e6420fa140ccdb4e818223
cardmrket.com/view/ Frame 2B84
Redirect Chain

https://kayakm.com/l/n/view/9a2265ac200e412ca3cce73282507634?r=aHR0cHM6Ly9jYXJkbXJrZXQuY29tL3ZpZXcvOWYwMGRjNjRlOGU2NDIwZmExNDBjY2RiNGU4MTgyMjM&cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028...
https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcm...

0
0

85ms
85ms

Document
text/html

2606:4700:3035::681b:8e9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=793de31986f986db946f0d27bbe5a302&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8e9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cardmrket.com
:scheme: https
:path: /view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=793de31986f986db946f0d27bbe5a302&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tid=DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ; __cf_bm=8701b3ef59a04819ec5a7cbd3af9ed038044c678-1587145421-1800-Ad/IpXEzByT/dFbXgaoiY0ATK6ESCwsKCizss0juJq1R6/6qkx6IKMPDW9nij7NURG+EtetuZAM50oz9M+HsyY4=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d646de30371c04bf715d25d2453ff73f21587145421; expires=Sun, 17-May-20 17:43:41 GMT; path=/; domain=.cardmrket.com; HttpOnly; SameSite=Lax; Secure tid=DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ; expires=Sun, 17-May-2020 17:43:41 GMT; Max-Age=2592000; path=/; domain=cardmrket.com; secure; httponly; samesite=none __cf_bm=b7e3840444e438f00bfde870ab0942bec3edca2c-1587145421-1800-AQZZxx+HnsTr+rhBCCtcl9b/4vf4qtlwl5MeCXIapFo4Udfcc5vwWuJSg7Yho+ZDIyTw6VwKu689ZywuqIMSrp4=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.cardmrket.com; HttpOnly; Secure; SameSite=None
cache-control: max-age=0, no-transform, private
p3p: CP="CAO PSA OUR"
etag: W/"xem9lKEN62u6N4ZREd4zJYNNIFbDDQ"
last-modified: Fri, 17 Apr 2020 17:43:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f321ab2a178e-FRA
cf-request-id: 022ad649070000178e0fb08200000001

Redirect headers

status: 302
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27b586fdd402351c417f5de830cbe7f81587145420; expires=Sun, 17-May-20 17:43:40 GMT; path=/; domain=.kayakm.com; HttpOnly; SameSite=Lax; Secure __cf_bm=997c54b9ec278ef4b569d49ad490820734c976eb-1587145421-1800-Ae5LQx+QzVeXhTTDTdqTFqrssrbeJcdFxN+sD259CvjFgH+yv0z34aqfXFEoVSGq44T2DLhPhGamGL5F5NyBF5g=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.kayakm.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
location: https://cardmrket.com/view/9f00dc64e8e6420fa140ccdb4e818223?cid=793de31986f986db946f0d27bbe5a300&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJdzdfRG54RER1WGtSd29yRGxNS1B3cmJDbzNnQUZ4WWkNMQkwDTIJMTYwMA0zCTEyMDANNAlodHRwOi8vd3d3LmdhbWluZ3RpcHNieWdkLmNvbS8NNQkNNgkNNwkwDTgJZjU3M2NhYzdlODI3NGJkMWIwMjM0ZjAwOTYxMGJlYjc&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi&pto=0001-00000028-3E05&pid=db5861273c2e476bab814461d2335686&eid=793de31986f986db946f0d27bbe5a302&iid=w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f3210efc1f41-FRA
cf-request-id: 022ad648a500001f41da839200000001

GET
H2 200 w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
gitoku.com/register/xc449bad4854773ff/DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ/ Frame 51B1 0
0 31ms
31ms Document
text/html 2606:4700:3034::681b:8af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitoku.com/register/xc449bad4854773ff/DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: gitoku.com
:scheme: https
:path: /register/xc449bad4854773ff/DcNWIE2DJTPeEVGGN7pr6w2hlL3pxQ/w7_DnxDDuXkRworDlMKPwrbCo3gAFxYi.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; __cf_bm=55ad940c0a8e4d8da7fcf2d18d2a26d47a821965-1587145420-1800-ATfKH4/c3et0ARy5T8MKaBdoIueQJCLbXYif57B5/4bmi+tHOeH2ytsuXw/L5IM3RlMnf/TWf7Bf4lYG3BDr1jg=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4159b2cfd8b3bfa76682d59e439fff261587145421; expires=Sun, 17-May-20 17:43:41 GMT; path=/; domain=.gitoku.com; HttpOnly; SameSite=Lax; Secure __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; expires=Sat, 17-Apr-2021 17:43:41 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=none __cf_bm=c8461e632c00e2f68c06a504370cd8093e685678-1587145421-1800-AY2Td0L/fdLP6JZnvh0/3hsNkdvjg+1bdg+o8RXCgcUK9s2sFtYNhKe0s8itsES/AERzWdWhotmGTX8XW5YrUcw=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding Accept-Encoding
cache-control: max-age=0, private, s-maxage=0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f3225c141f3d-FRA
content-encoding: br
cf-request-id: 022ad6497200001f3d762d7200000001

GET
H2 200 4e79a7f8.html
gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/ Frame 0903 0
0 34ms
34ms Document
text/html 2606:4700:3034::681b:8af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitoku.com/re/469c8f7116171953fa45f6a0b0e45922/4e79a7f8.html
Requested by: Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: gitoku.com
:scheme: https
:path: /re/469c8f7116171953fa45f6a0b0e45922/4e79a7f8.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.gamingtipsbygd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __au=RpyPcRYXGVP6RfagsORZIg%3D%3D; __cf_bm=c8461e632c00e2f68c06a504370cd8093e685678-1587145421-1800-AY2Td0L/fdLP6JZnvh0/3hsNkdvjg+1bdg+o8RXCgcUK9s2sFtYNhKe0s8itsES/AERzWdWhotmGTX8XW5YrUcw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.gamingtipsbygd.com/

Response headers

status: 200
date: Fri, 17 Apr 2020 17:43:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4159b2cfd8b3bfa76682d59e439fff261587145421; expires=Sun, 17-May-20 17:43:41 GMT; path=/; domain=.gitoku.com; HttpOnly; SameSite=Lax; Secure __cf_bm=50aa2c32a4fed485be3988c36aeffe50ea0a9bac-1587145421-1800-AfaPxNl0fb8wyi8VnTB32xnZeSSpR45b+eU9KdIifYS+CymH5+0vilwfMQg2jWjCjjWMmJWNev1bhIhOaITHuvM=; path=/; expires=Fri, 17-Apr-20 18:13:41 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5857f322edcb1f3d-FRA
content-encoding: br
cf-request-id: 022ad649cf00001f3d762e2200000001

POST
H/1.1 200
OK custom Show response
pushsar.com/ 39 B
496 B 25ms
25ms Fetch
application/json 206.54.165.151
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://pushsar.com/custom

Requested by

Host: www.gamingtipsbygd.com
URL: http://www.gamingtipsbygd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

206.54.165.151 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.gamingtipsbygd.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 53d1c0c4063ed0b4f9f247387c3fc8c5
Date: Fri, 17 Apr 2020 17:43:41 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.gamingtipsbygd.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 13:15:56	Name: NID Value: 202=mmv9OsVlW4YfGR3VI4yczfzf4fqmtRuV-QfIiQWorjAHuCOm8AFWkbMcgvJTFNGIxAUW-IQHbyPM2qNkKai6I1YiKwv6UOr_E5Nk8r0jo7VMKqiz2fYscCiilgHiha0nYQxXViJ-AxEzTkssagow0L1vK7o34hzJKgLx6it5iVg

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked
console-api	log	URL: https://fandmo.com/main.js(Line 1) Message: warning: hash not checked

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ajax.googleapis.com
cardmrket.com
connect.facebook.net
fandmo.com
fonts.googleapis.com
fonts.gstatic.com
gitoku.com
imagetot.com
kayakm.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
my.rtmark.net
ofgogoatan.com
pushsar.com
stackpath.bootstrapcdn.com
www.blogger.com
www.gamingtipsbygd.com

188.42.160.79
188.72.202.11
2001:4de0:ac19::1:b:1b
206.54.165.151
2606:4700:3033::6812:3249
2606:4700:3033::681f:45bf
2606:4700:3034::681b:8af5
2606:4700:3034::681c:1321
2606:4700:3035::681b:8e9c
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81d::2009
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2001
2a00:1450:4001:821::2003
2a00:1450:4001:824::2013
2a00:1450:4001:825::2001
2a03:2880:f01c:8012:face:b00c:0:3
0275679ffb2b6abe28f7636402008ed24426c8d84fdfca5aa7803ae407170356
047c03ab40f81ffdc2e81de76156e106b083b4927cbf0607e2fcf2a5140a2697
054ba0ae61f2bd947939853f0ff95b7fef9010ef96fb612b1815af660aac5550
0559e69db8a1712f85416241bf01f8956870cda3f70b7124a6149e1ace15f947
058e37c736af261163691e659b78e91f6ed9ec1feb9ba2d6ed483bda305b698a
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d5d98c8ae7a86dd2748bc3a24caaa674bbd80f5766bbe2ed74cb51adeb73bb4
13659d00e02eacd3c9426e52e21eee62b72321514a4bd31e306f5400f423ed5d
1ba20954ef2936639088b13565a13c6c994e945b82432403ba45b94984d76535
2013945e077d5287e02dd14e8a29ceb880db9ff2aab1ae5c3f3f17d08fe5d6cd
259bfd901885de1031276f471fabbea544f9cd93a895d02e5588d7fd0e1ef077
28089df4b6ae9f4840fc111293d0da19c2d3d41567c4171adafb89f3b0653fec
283862a031276b7003e2e72ae99495cd2b4e75117f53cd4cd39ab65e715f31aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
353147a820c25c1acc8bfa830ec8ecaade5d65d043230ba2c26393a528b4e1c1
3760bf9588add8c22f588e07c652abb494df8cdc79a69e94784aa64f5a6d9fbb
3b2bce75ccde2bc29eb4dad97f433b00236cf53660eef2b13cbfe5d340aea349
3d30373346a5677932f0772d396a3d34a459fe6eaba4ae0a3ea6faa17d3f4e63
3dd8697d6ee4f0565a8999da1e3de67eb48faeb203feadac8fc9a9b57f8b4180
3ecb38f448a3719e9f2374aa89ac8c7d57103441326167995768a5e09277bbd9
3ff059ce12ff130a0abe617bea2b8fd6cac7554f7631b04ac4d919d4acb511da
40037dd6093f9d425231c53be986827b4bb0757e55fc6af88f81fa6dce2883c2
425a13710d7c6d1299d63a0cbe90a569d2b292c6befea7b45b8c374115605d87
467e02bdd26ed2a96a542942f5697918ab5b5abd00fbf7ddfee2d27fd13410e8
4f33d29d9902742a08fe6956fc3aa9b6945ef105671d33eae6ba5793f45f4ef9
4fa2673bad8c14580d8218b346538f3c27c93e73d2cec7739372e54eb260fd2e
540e24a0ccdedcadf9a0d56e34ce91f07a94993a38995b9a3ea2adba1de644b4
54b8c7d104b455576a7e61973d2a6096e9d5e81b1f32a901b8df28ddf3a0bd80
5d29379ba363bab3385aae2bd131ea4b4d9e2e47ad29f4a9bde1a2d38ed2b657
64b43642fedd5bf2967cc0a023b980069dc635501c3b8b27faa787e9b18c4d91
65055aa0d502b4e436a24db4a0c896650bbddaf5e0abdf2511b2b81b91842732
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6e1f2648dbd60da62cbeb04ca705f5205bea5b31321fc22aeeb498efb8d46f50
6f22483d990c92212018604aaa8c3696ed523caa7a299fd4254f7e2443cf74b8
71eaa76eae5c239baef17964a14c0163eddfa8fd057e77db3a3ed2d757bdbf7b
771dc532bc0607e271f98e031360d13a6002d0eba6202aaad8b0fda537525f62
7836e524ef863316c883bc19d703a7ff3211a549297e9fdd6dd1f16f2633da95
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81474970153bc7255df64b7734eee57b44ec4de38b9504fb72c9db3d5c338dbf
88f033bf3b5adc786a3ec2b2184c26c57b76653b03d1f67b3a2a26d6a2dcda81
8b534fff8035d232ecaec3ca6ad67df6d37786fefef47a61f100ac6ff44bb5d2
94b9479669d060f66998cca860c2633803225dcf5d0841f49347cb81b08d0678
97308b6f9fbc1a26f245bba3e4157ec2bb386fad4433d668cce015a950a7286c
98015804d6c612f02ec88978995603146e3525d0c78225a1fdc6d63ddf47c0af
9b6d07641fa37a119a8a9d7ac49073d3d75394b3fe3272beb7a8265146e70f2d
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e0ce22849f206c56f3b10c88d02a344ea3275133b178ff09d71effec8c243a0
a201fda6b533eef374bd64e68d4ebe14390b3267312d60cafbb1876dcab60a8f
a24a3e95979d2bb524efb4890e4964b62e6e8908df46492369a8e0573188d12e
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
ae8ba1ca6c2d8b204851857114f054648f4bcd08d50c51de7f6753de14ece855
b56f4c1f76ee19cd82ae6c2d79330ddb70e0ca3c87d051453107762eabeb928c
bcc2d213ecf5fdad199d043ef7f02caf8c45e64560ec3241b24cd6c993da07dd
bce953a937de74c5d3cf3735e4265af835bd09246677b608797bbf35224f91ed
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c55339e457dc9b6ab2231bd49fe751a69f1143f51804f20b4c5441ed127769d4
c5806870ad5cc460470b6529465b5ec73f2b01f2ade876f96b6e9a2db7bcc7e8
c749b1b3aec467717beaa35555d368a3cdf50831b2fae15855e5282d6ed1de50
cbaefa8b6a943ae0c69d9abf66f05a0c210344483540f6968ad9602f7519490e
cdfaba9cd1117145af22c9666dcdbbfd7dd3ab2b4c16801a7e374662680fdba2
d1fd81e577ac169f81cef77ca1332869d79d52dd406ea343e16d10f822341651
d20a506ce6117a725f5cc366d97ad63557582d3c216dcc6e79cc79254f734e8f
d2340ac8568e61588e7b8df7f9a419d03e49edeb59a413b5d12d8ebdb22da995
d4888cd9cafc5f8610410a59dccba5deb4461ba3fce4f6afbbbda0206519b4fc
dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a
e1a6c18762e27a0036a2b528db2bb07293f800a0670984a5a1cc4778bce39523
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4783f0a21975700a4d97c0881df605ce2f6a8f36947948e6cae7e0300bb37c7
ea5cc6a4a2e5050c8bfa13b742348efbb1be09ba0c510106364bf707ba4f5124
f51482c15752224512158a60cbeaf7dc513737ece2d43bcae4361895b1e22fb5
f90773c1845f50f79a9e1d395c0ae7a4c1c5687c53679bb781feb304fad49af9
ff1ce9e2cac21231acc00899e043a2a504bae341c25ae368e3df485d243145fd
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffc6153a7d037c0a5fdb30a2ef380eba84576daed6d3e94b37dbaf293c557a3d
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.gamingtipsbygd.com Open in urlscan Pro 2a00:1450:4001:824::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

82 Requests

77 %HTTPS

80 %IPv6

16 Domains

21 Subdomains

21 IPs

4 Countries

4061 kBTransfer

6212 kBSize

1 Cookies

9 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 22 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gamingtipsbygd.com Open in urlscan Pro
2a00:1450:4001:824::2013 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

77 %
HTTPS

80 %
IPv6

16
Domains

21
Subdomains

21
IPs

4
Countries

4061 kB
Transfer

6212 kB
Size

1
Cookies

82 HTTP transactions
22 data transactions