urlscan.io logo urlscan.io
SecurityTrails logo

bnsflshkytol.fun Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://bnsflshkytol.fun/
Submission Tags: 0xscam
Submission: On January 26 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 19 domains to perform 68 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bnsflshkytol.fun.
TLS certificate: Issued by GTS CA 1P5 on January 26th 2024. Valid for: 3 months.
This is the only time bnsflshkytol.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 146.75.116.157 54113 (FASTLY)
2 6 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 40.119.158.131 8075 (MICROSOFT...)
1 2600:9000:213... 16509 (AMAZON-02)
1 34.117.162.98 396982 (GOOGLE-CL...)
2 10 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 85.153.155.52 34984 (TELLCOM-AS)
2 34.111.186.1 396982 (GOOGLE-CL...)
2 2a03:2880:f17... 32934 (FACEBOOK)
68 24
6    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bnsflshkytol.fun
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:90b5 (United States)

ASN13335 (CLOUDFLARENET, US)
ext.leadercapital.net
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    40.119.158.131 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
trck.spoteffects.net
1    2600:9000:2133:8800:1e:c874:4cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-analytics.tvlyzer.com
1    34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com
pixel.byspotify.com
10    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
5    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    85.153.155.52 (Turkey)

ASN34984 (TELLCOM-AS, TR)
analytics.tvlyzer.com
2    34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com
evnt.byspotify.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 google.nl
www.google.nl — Cisco Umbrella Rank: 9209
1 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2616
2 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
8 KB
6 bnsflshkytol.fun
bnsflshkytol.fun
22 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 gstatic.com
fonts.gstatic.com
107 KB
3 byspotify.com
pixel.byspotify.com — Cisco Umbrella Rank: 10140
evnt.byspotify.com — Cisco Umbrella Rank: 10291
7 KB
3 tvlyzer.com
cdn-analytics.tvlyzer.com
analytics.tvlyzer.com — Cisco Umbrella Rank: 957005
9 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
80 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
14 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
ajax.googleapis.com — Cisco Umbrella Rank: 369
16 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
216 B
2 spoteffects.net
trck.spoteffects.net — Cisco Umbrella Rank: 104854
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
193 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 789
394 B
1 t.co
t.co — Cisco Umbrella Rank: 656
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 745
15 KB
1 leadercapital.net
ext.leadercapital.net
530 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 811
7 KB
68 19
Domain Requested by
11 www.google.nl bnsflshkytol.fun
10 www.google.com 2 redirects bnsflshkytol.fun
6 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
6 bnsflshkytol.fun 1 redirects bnsflshkytol.fun
static.cloudflareinsights.com
5 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net bnsflshkytol.fun
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
bnsflshkytol.fun
2 www.facebook.com bnsflshkytol.fun
2 evnt.byspotify.com pixel.byspotify.com
2 analytics.tvlyzer.com cdn-analytics.tvlyzer.com
2 trck.spoteffects.net bnsflshkytol.fun
2 fonts.googleapis.com bnsflshkytol.fun
ajax.googleapis.com
2 www.googletagmanager.com bnsflshkytol.fun
www.googletagmanager.com
1 analytics.twitter.com bnsflshkytol.fun
1 t.co bnsflshkytol.fun
1 region1.analytics.google.com www.googletagmanager.com
1 pixel.byspotify.com bnsflshkytol.fun
1 cdn-analytics.tvlyzer.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 ajax.googleapis.com bnsflshkytol.fun
1 ext.leadercapital.net bnsflshkytol.fun
1 static.cloudflareinsights.com bnsflshkytol.fun
68 24

This site contains links to these domains. Also see Links.

Domain
www.gcmviop.com
www.gcmyatirim.com.tr
Subject Issuer Validity Valid
bnsflshkytol.fun
GTS CA 1P5		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.leadercapital.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-14 -
2024-12-14		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-04 -
2024-02-02		 3 months crt.sh
trck.spoteffects.net
R3		 2024-01-16 -
2024-04-15		 3 months crt.sh
cdn-analytics.tvlyzer.com
Amazon RSA 2048 M02		 2023-11-30 -
2024-12-28		 a year crt.sh
pixel.byspotify.com
GTS CA 1D4		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.tvlyzer.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-30 -
2024-05-29		 a year crt.sh
prfx.byspotify.com
GTS CA 1D4		 2024-01-07 -
2024-04-06		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://bnsflshkytol.fun/
Frame ID: 89C6E5DD669A3445D0B0DDEBEF69E3EE
Requests: 65 HTTP requests in this frame

Frame: https://bnsflshkytol.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 108C028D7170D958E16A9A812F2E74A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GCM Yatırım İnternetten güvenli ve kolay yatırım

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

68
Requests

96 %
HTTPS

71 %
IPv6

19
Domains

24
Subdomains

24
IPs

5
Countries

528 kB
Transfer

1474 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://bnsflshkytol.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bnsflshkytol.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 20
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757251725/?random=1706265850919&cv=11&fst=1706265850919&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_ZcE1uD5aOpqhGht4rec7JLUx8_HsPg&random=2910912811 HTTP 302
  • https://www.google.nl/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_ZcE1uD5aOpqhGht4rec7JLUx8_HsPg&random=2910912811&ipr=y
Request Chain 21
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10795430260/?random=1706265850919&cv=11&fst=1706265850919&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_vYjxPIGYnEJUSx740lp_tRxlJ6UnLQ&random=2181502633 HTTP 302
  • https://www.google.nl/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_vYjxPIGYnEJUSx740lp_tRxlJ6UnLQ&random=2181502633&ipr=y

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bnsflshkytol.fun/ 		55 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
76b203bdd1f2340dc6229ec4f8c00d99bc646285b34aae53ce3982bb691a530b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84b828beca730b8c-AMS
content-encoding
br
content-type
text/html
date
Fri, 26 Jan 2024 10:44:10 GMT
last-modified
Wed, 17 Jan 2024 15:05:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9dFUB3p6T9hFTSV75bWkXdT%2FNfdCIkhFXmepy0yhr5L2Timatq9WQlZm5mWLYNtnk%2FVYBJSnpPHiLSVuBZNsJZTsB5Ht8Xbr22Nre2CEQzz8wd8kCw7PNMk5Np3B9TbwDMEgzUReEn%2Bxvagow5F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PleskLin
gtm.js
www.googletagmanager.com/ 		363 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ca429a557fb22f8ce7d05548408483bd549cca632c98016f88328eae5ddb12f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106373
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 26 Jan 2024 10:44:10 GMT
email-decode.min.js
bnsflshkytol.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnsflshkytol.fun/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jan 2024 14:02:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b26a01-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlGY%2B1C%2BP4ndK5E7ZMMVI6G7DsUSXT8X5BbWA01W1Ebgj3oDiPDO6tGCzOH6E%2Br2xy2y5uZ6FKqSqKj1TAypeEitOLugaPjw210fDju20FcKq3GQFa7kDw1KukHHZq9E7%2B0iH3RqypFFLj5M1dA7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84b828bf4b210b8c-AMS
expires
Sun, 28 Jan 2024 10:44:10 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://bnsflshkytol.fun/
Origin
https://bnsflshkytol.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
84b828bf79541c38-FRA
css
fonts.googleapis.com/ 		4 KB
1002 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 09:38:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 10:44:10 GMT
GetIP
ext.leadercapital.net/Geo/api/ 		75 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ext.leadercapital.net/Geo/api/GetIP
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6cc4309a40da1d482476edbb33908db644c6f2ad87cc02b096e23515a7c63ade

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
lb-custom
10.26.4.16
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
84b828c048421db3-FRA
expires
-1
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:29 GMT
x-content-type-options
nosniff
age
213161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13188
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:31:29 GMT
main.js
bnsflshkytol.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 108C
Redirect Chain
  • https://bnsflshkytol.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bnsflshkytol.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnsflshkytol.fun/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94d763a5604b468e6f571e61d0b0e15293adcca5f6dd665a8a94510a2773938d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCyOd5pw66ZTL3F%2B669jnv%2BPI%2FwkphP8pUYfyQBXtPkg6r4BrPDuzuwcrL%2BSL95zqG%2BVACr1AMCxAPXkoKXVKMZtof5frumD%2BoqarqEdVZ%2Bzet2vEca6mp%2Fo5FuAiP9XBO76ufGbbe2kYTtsnhLG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
84b828c01e9eb79c-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 26 Jan 2024 10:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LU79ZdyQrwl40WoZVs2ilBoHIrc13FI1ARNmzx6Yt7xnHYq6CT0up7NikROCbLMgSxWuN1%2BXEd1i6O%2FFmKjB2MkePjuddfNKbPOsddWtJ7sB2SsPh%2F2RqyD%2FVKVbQgLd8Y8rrY6rA6lt70lVRTbC"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
84b828bfee7db79c-AMS
alt-svc
h3=":443"; ma=86400
platform.png
bnsflshkytol.fun/img/ 		808 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnsflshkytol.fun/img/platform.png
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 17 Jan 2024 15:03:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiMxSsngO%2FVRS4P8aIYqAV5HURnUO6q7s3T2RlB4O%2FaFU0O8qXELMgjEt7dMT4Qx6IftlwX39sPEGr8YZupPnJboAh1Yo%2B%2FdxnKeEmaLSk%2F8sLvsC2cnF7qLarAWvvsNVmhdv6P1Jewk9eyiJjci"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
84b828bfee7fb79c-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		269 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D4TVEYXQNK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22940e9373b9f48af94bf1e0fb292e09257bc9ffb22bdaea91f8be7b8402a3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91040
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 26 Jan 2024 10:44:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 26 Jan 2024 09:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3361
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 26 Jan 2024 11:48:09 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230082-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009431705/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009431705/?random=1706265850915&cv=11&fst=1706265850915&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=DQluCO3VyFgQmemq4QM&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c088571ef3693d77db57c3763bb9ef07812ec1cf56bc9a1123173ba2e74e38b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1333
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/974165068/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/974165068/?random=1706265850917&cv=11&fst=1706265850917&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=xj2HCIaNx1gQzKjC0AM&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24eec40e3fa3b532c35be933857997620e8f2d62e9c8dc31a8882b8bdda1f5d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1009431705/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1009431705/?random=1706265850918&cv=11&fst=1706265850918&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=BNJ8CI_Xx2UQmemq4QM&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af236cacc7cb219b71abfc32f38c9caf22f9a92062189c9dfd7fff7adc749307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 26 Jan 2024 10:44:11 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5A81048F2E3A47D888B7E9F908689B4E Ref B: FRAEDGE1105 Ref C: 2024-01-26T10:44:10Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/805879507/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/805879507/?random=1706265850919&cv=11&fst=1706265850919&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&hn=www.googleadservices.com&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&pscdl=noapi&auid=306518290.1706265851&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fb45207a4fedbc7c4256131404241e29b8cfecc4accf43006f3cdb3dd31510f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 10:44:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
c3h8AZnqix88NoQHC/gH0XvycUj1vnmJPzGmfzduDGR0QKYyvCGroQLJVls4eqaHY5UuPnuKEO/VOHn8OG67tg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
spef.min.js
trck.spoteffects.net/analytics/ 		77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trck.spoteffects.net/analytics/spef.min.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
last-modified
Fri, 05 Jan 2024 17:16:38 GMT
server
nginx
etag
W/"65983976-1323e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=259200, public
expires
Mon, 29 Jan 2024 10:44:10 GMT
ac.js
cdn-analytics.tvlyzer.com/client/v1/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-analytics.tvlyzer.com/client/v1/ac.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQ6N5H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2133:8800:1e:c874:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
28f4978db3a4257224ba3cabcb24cbca534f5e0b5c85a40cc70c60bc4b68cd1b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 12:01:50 GMT
via
1.1 83ec53fe63944bed8681c782a9a0dc48.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 10:06:57 GMT
server
Microsoft-IIS/10.0
x-amz-cf-pop
LHR3-C2
age
81740
etag
"1d99f711e24d65f"
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8415
x-amz-cf-id
lEFwkLj0DAeQYFlO3IrjqkzYYeQDnUE3uFj1mEbDDWulOeJgQid4xQ==
ping.min.js
pixel.byspotify.com/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.byspotify.com/ping.min.js
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.162.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:14:55 GMT
content-encoding
gzip
via
1.1 google
age
1756
x-guploader-uploadid
ABPtcPqaPuVfSt9F8hr1SnDKCROLeT0TT1jmTGtEKbKBu7-VSwKRFAHqGyPH8I1b4F-bU7bGLrA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6158
last-modified
Wed, 11 Oct 2023 19:00:35 GMT
server
UploadServer
etag
"13069f74108a788c598831c3a4ff2cdf"
vary
Accept-Encoding
x-goog-generation
1697050835633914
x-goog-hash
crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
content-type
application/javascript;
cache-control
public, max-age=3600
x-goog-stored-content-length
6158
accept-ranges
bytes
expires
Fri, 26 Jan 2024 11:14:55 GMT
/
www.google.nl/pagead/1p-user-list/757251725/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757251725/?random=1706265850919&cv=11&fst=1706265850919&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cps=...
  • https://www.google.com/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshky...
  • https://www.google.nl/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkyt...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_ZcE1uD5aOpqhGht4rec7JLUx8_HsPg&random=2910912811&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-user-list/757251725/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_ZcE1uD5aOpqhGht4rec7JLUx8_HsPg&random=2910912811&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/10795430260/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10795430260/?random=1706265850919&cv=11&fst=1706265850919&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&gcd=11l1l1l1l1&dma_cp...
  • https://www.google.com/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflsh...
  • https://www.google.nl/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshk...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_vYjxPIGYnEJUSx740lp_tRxlJ6UnLQ&random=2181502633&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.nl/pagead/1p-user-list/10795430260/?random=1706265850919&cv=11&fst=1706263200000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&is_vtc=1&cid=CAQSGwAvHhf_vYjxPIGYnEJUSx740lp_tRxlJ6UnLQ&random=2181502633&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 10:44:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 09:38:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 10:44:10 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bnsflshkytol.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:34:04 GMT
x-content-type-options
nosniff
age
321006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bnsflshkytol.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:40:08 GMT
x-content-type-options
nosniff
age
212642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27812
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:40:08 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bnsflshkytol.fun
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:43:45 GMT
x-content-type-options
nosniff
age
212425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:43:45 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D4TVEYXQNK&gtm=45je41o0v887818966z86658134&_p=1706265850749&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=782751074.1706265851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706265850&sct=1&seg=0&dl=https%3A%2F%2Fbnsflshkytol.fun%2F&dt=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=388
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4TVEYXQNK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D4TVEYXQNK&cid=782751074.1706265851&gtm=45je41o0v887818966z86658134&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D4TVEYXQNK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D4TVEYXQNK&cid=782751074.1706265851&gtm=45je41o0v887818966z86658134&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1197515595
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1990308628&t=pageview&_s=1&dl=https%3A%2F%2Fbnsflshkytol.fun%2F&ul=en-us&de=UTF-8&dt=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2102276192&gjid=910183547&cid=782751074.1706265851&tid=UA-7334285-15&_gid=893021341.1706265851&_r=1&_slc=1&gtm=45He41o0n71NQ6N5Hv6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1158659250
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1990308628&t=pageview&_s=1&dl=https%3A%2F%2Fbnsflshkytol.fun%2F&ul=en-us&de=UTF-8&dt=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1293740846&gjid=572849687&cid=782751074.1706265851&tid=UA-7334285-26&_gid=893021341.1706265851&_r=1&_slc=1&gtm=45He41o0n71NQ6N5Hv6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1234&z=318176225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
piwik.php
trck.spoteffects.net/analytics/ 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trck.spoteffects.net/analytics/piwik.php?action_name=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&idsite=692&rec=1&r=346075&h=11&m=44&s=11&url=https%3A%2F%2Fbnsflshkytol.fun%2F&_id=296c67ba0e4449eb&_idts=1706265851&_idvc=1&_idn=0&_refts=0&_viewts=1706265851&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=69&pv_id=pbMfc2
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.119.158.131 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx / PHP/7.2.15
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 10:44:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.2.15
x-frame-options
DENY
content-type
image/gif
cache-control
no-store
x-xss-protection
1; mode=block
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f1b75208-3b21-44e4-9f30-8dde76084c02&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59c2ec8c-c5e6-4967-bc6e-379073aa123e&tw_document_href=https%3A%2F%2Fbnsflshkytol.fun%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vcq&type=javascript&version=2.3.29
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
115
date
Fri, 26 Jan 2024 10:44:10 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
647eacf90506533b
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
2be7ae8b56ddf0b60f3cad6cf498a65fde08e3d4805bc2bf959ae2760d9ed8a0
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f1b75208-3b21-44e4-9f30-8dde76084c02&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=59c2ec8c-c5e6-4967-bc6e-379073aa123e&tw_document_href=https%3A%2F%2Fbnsflshkytol.fun%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8vcq&type=javascript&version=2.3.29
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time
184
date
Fri, 26 Jan 2024 10:44:10 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
72a4a7afcb10e3f5
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
0cd9d173b01d904a61844b2dd7cad38d31060cd1dc1b1d619f03b89ed9f494ee
content-length
43
/
www.google.com/pagead/1p-user-list/974165068/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/974165068/?random=1706265850917&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=xj2HCIaNx1gQzKjC0AM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_7j49G-Vlsp7zn-4oskGguT31oINJmQ&random=2100257347&rmt_tld=0&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/974165068/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/974165068/?random=1706265850917&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=xj2HCIaNx1gQzKjC0AM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_7j49G-Vlsp7zn-4oskGguT31oINJmQ&random=2100257347&rmt_tld=1&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1009431705/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1009431705/?random=1706265850915&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=DQluCO3VyFgQmemq4QM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Vxj20UOgWV9jbHXsN_0j5qKKcwKLpQ&random=3922816613&rmt_tld=0&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/1009431705/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/1009431705/?random=1706265850915&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=DQluCO3VyFgQmemq4QM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Vxj20UOgWV9jbHXsN_0j5qKKcwKLpQ&random=3922816613&rmt_tld=1&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1009431705/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1009431705/?random=1706265850918&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=BNJ8CI_Xx2UQmemq4QM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ZsHZMTlJwgFizCNVufttMPJZYND7DA&random=2542491475&rmt_tld=0&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/1009431705/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/1009431705/?random=1706265850918&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&label=BNJ8CI_Xx2UQmemq4QM&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ZsHZMTlJwgFizCNVufttMPJZYND7DA&random=2542491475&rmt_tld=1&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/805879507/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/805879507/?random=1706265850919&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_lNKl7NlvIUivZxo0bR8JX2qOJqwa7A&random=3211603489&rmt_tld=0&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/805879507/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/805879507/?random=1706265850919&cv=11&fst=1706263200000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v6658134&u_w=1600&u_h=1200&url=https%3A%2F%2Fbnsflshkytol.fun%2F&frm=0&tiba=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_lNKl7NlvIUivZxo0bR8JX2qOJqwa7A&random=3211603489&rmt_tld=1&ipr=y
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
TrackEvent
analytics.tvlyzer.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.tvlyzer.com/api/v1/TrackEvent
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
85.153.155.52 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bnsflshkytol.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Date
Fri, 26 Jan 2024 10:44:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
TrackEvent
analytics.tvlyzer.com/api/v1/ 		163 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.tvlyzer.com/api/v1/TrackEvent
Requested by
Host: cdn-analytics.tvlyzer.com
URL: https://cdn-analytics.tvlyzer.com/client/v1/ac.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
85.153.155.52 , Turkey, ASN34984 (TELLCOM-AS, TR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b0fc5425fd9540e5228690a407cd9b8e5a42f3edb64224b2c7f56cbf7754f5eb

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 26 Jan 2024 10:44:10 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/problem+json; charset=utf-8
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=2102276192&gjid=910183547&_gid=893021341.1706265851&_u=YCDACEAABAAAACAAI~&z=1052028651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=1293740846&gjid=572849687&_gid=893021341.1706265851&_u=YCDACEABBAAAACAAI~&z=2128002851
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
413296515516303
connect.facebook.net/signals/config/ 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/413296515516303?v=2.9.142&r=stable&domain=bnsflshkytol.fun&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc647fe4704009a350022dc3de5afc19a4e24efb62d5295299b6e411d2061b18
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 10:44:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
Jw2lKZU0A3ZgqLuL9y8aULkOGvycO3JHb2oRDcB1qqVAGPSWLRsTtvAZAV01a6gNhauIkSYKWD8Ut5yKvftRUg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
evnt.byspotify.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://evnt.byspotify.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.186.111.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bnsflshkytol.fun
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://bnsflshkytol.fun
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 26 Jan 2024 10:44:11 GMT
via
1.1 google
/
evnt.byspotify.com/ 		2 B
97 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://evnt.byspotify.com/
Requested by
Host: pixel.byspotify.com
URL: https://pixel.byspotify.com/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.186.111.34.bc.googleusercontent.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json
Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 26 Jan 2024 10:44:11 GMT
via
1.1 google
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Content-Type, Accept
content-length
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=2102276192&_u=YCDACEAABAAAACAAI~&z=1694291927
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=2102276192&_u=YCDACEAABAAAACAAI~&z=1694291927
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=1293740846&_u=YCDACEABBAAAACAAI~&z=460703631
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=1293740846&_u=YCDACEABBAAAACAAI~&z=460703631
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
446386418887116
connect.facebook.net/signals/config/ 		21 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/446386418887116?v=2.9.142&r=stable&domain=bnsflshkytol.fun&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97%2C165%2C167%2C104%2C126%2C129%2C110%2C161%2C201%2C98%2C127%2C146%2C134%2C101%2C202%2C139%2C102%2C124%2C117%2C162%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96b887f69796aac66102f228debb8398f764aa518d4f37fb4b692e0e15bfa822
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 10:44:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
9vzGtvPQC4aayE9F0bPkzSq/wui5V4+Lncu7P/GMEEXJvNx9WLP/ftXuPGlCg54g7/NdvtcOJNEggBkOL7jNkg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=413296515516303&ev=PageView&dl=https%3A%2F%2Fbnsflshkytol.fun&rl=&if=false&ts=1706265851209&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4124&fbp=fb.1.1706265851208.1902226690&pm=1&hrl=667166&ler=empty&it=1706265851043&coo=false&cs_cc=1&cas=1063187627068343%2C5656346001134065%2C2834208143320889%2C2681207655242477%2C1863794307043657&exp=d3&rqm=GET
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 26 Jan 2024 10:44:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=446386418887116&ev=PageView&dl=https%3A%2F%2Fbnsflshkytol.fun&rl=&if=false&ts=1706265851353&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4124&fbp=fb.1.1706265851208.1902226690&pm=1&hrl=e09bf2&ler=empty&it=1706265851043&coo=false&cs_cc=1&cas=1476339489057459%2C2821000667917284&exp=d3&rqm=GET
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 26 Jan 2024 10:44:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
56353555.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56353555.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 26 Jan 2024 10:44:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5946E95C064646CFA5C59AF91D631AB1 Ref B: FRAEDGE1105 Ref C: 2024-01-26T10:44:11Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56353555&tm=gtm002&Ver=2&mid=8c5bc1d7-93bf-47c3-8a1d-e8b4f491b7b4&sid=d73ffd10bc3711eea48797b45a8b653d&vid=d7400960bc3711eeb09045ca7ef61333&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&p=https%3A%2F%2Fbnsflshkytol.fun%2F&r=&lt=263&evt=pageLoad&sv=1&rn=587773
Requested by
Host: bnsflshkytol.fun
URL: https://bnsflshkytol.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 26 Jan 2024 10:44:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F6A544611A7499C85460081B5D32D11 Ref B: FRAEDGE1105 Ref C: 2024-01-26T10:44:11Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
bnsflshkytol.fun/cdn-cgi/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bnsflshkytol.fun/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
84b828c4fb61b79c-AMS
x-frame-options
DENY
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=1620728241&gjid=1487528165&_gid=893021341.1706265851&_u=aDDAiEABBAAAAGAAI~&z=851535382
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=2128764158&gjid=1370582329&_gid=893021341.1706265851&_u=aDDAiEABBAAAAGAAI~&z=901879861
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bnsflshkytol.fun/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnsflshkytol.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1990308628&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbnsflshkytol.fun%2F&ul=en-us&de=UTF-8&dt=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=undefined&_u=aDDAiEABBAAAACAAI~&jid=1620728241&gjid=1487528165&cid=782751074.1706265851&tid=UA-7334285-15&_gid=893021341.1706265851&gtm=45He41o0n71NQ6N5Hv6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd4=782751074.1706265851&z=629514885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 01:40:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32628
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1990308628&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbnsflshkytol.fun%2F&ul=en-us&de=UTF-8&dt=GCM%20Yat%C4%B1r%C4%B1m%20%C4%B0nternetten%20g%C3%BCvenli%20ve%20kolay%20yat%C4%B1r%C4%B1m&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=undefined&_u=aDDAiEABBAAAAGAAI~&jid=2128764158&gjid=1370582329&cid=782751074.1706265851&tid=UA-7334285-26&_gid=893021341.1706265851&gtm=45He41o0n71NQ6N5Hv6658134&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd4=782751074.1706265851&z=2007457968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 01:40:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32628
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=1620728241&_u=aDDAiEABBAAAAGAAI~&z=866805939
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-15&cid=782751074.1706265851&jid=1620728241&_u=aDDAiEABBAAAAGAAI~&z=866805939
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=2128764158&_u=aDDAiEABBAAAAGAAI~&z=54049743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-7334285-26&cid=782751074.1706265851&jid=2128764158&_u=aDDAiEABBAAAAGAAI~&z=54049743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://bnsflshkytol.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 26 Jan 2024 10:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| pageAction function| pageReady function| GetUrlParameter function| setCookie function| addEvent function| Tookie function| getCookie function| setLocalStorage function| fillTtracksInfo object| frm function| addClass function| removeClass function| lazy object| WebFontConfig object| __cfBeacon object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq object| GooglebQhCsO function| fbq function| _fbq object| _spef function| ac object| _acq function| spdt object| WebFont function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| JSON_PIWIK object| Spef object| AnalyticsTracker function| spef_log object| regeneratorRuntime object| twttr string| _acRequestUrl object| acAnalytics function| UET function| UET_init function| UET_push object| ueto_c553011063 object| uetq

19 Cookies

Domain/Path Name / Value
.bnsflshkytol.fun/ Name: _gcl_au
Value: 1.1.306518290.1706265851
.bnsflshkytol.fun/ Name: _ga_D4TVEYXQNK
Value: GS1.1.1706265850.1.0.1706265850.60.0.0
.bnsflshkytol.fun/ Name: _ga
Value: GA1.2.782751074.1706265851
.bnsflshkytol.fun/ Name: _gid
Value: GA1.2.893021341.1706265851
.bnsflshkytol.fun/ Name: _gat_UA-7334285-15
Value: 1
.bnsflshkytol.fun/ Name: _gat_UA-7334285-26
Value: 1
bnsflshkytol.fun/ Name: _pk_id.692.04df
Value: 296c67ba0e4449eb.1706265851.1.1706265851.1706265851.
bnsflshkytol.fun/ Name: _pk_ses.692.04df
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
bnsflshkytol.fun/ Name: _ac
Value: a0c2d97f-44e1-46c5-a4cd-9c16f1d56c07
bnsflshkytol.fun/ Name: __spdt
Value: 16364d61cca7470f82b90c4fade175cb
.t.co/ Name: muc_ads
Value: 0e4e4a4e-57ac-40be-b644-5480ab6a1d25
.bnsflshkytol.fun/ Name: _fbp
Value: fb.1.1706265851208.1902226690
.twitter.com/ Name: personalization_id
Value: "v1_is6BpggLCiDB15GAV3uJWg=="
.bnsflshkytol.fun/ Name: _uetsid
Value: d73ffd10bc3711eea48797b45a8b653d
.bnsflshkytol.fun/ Name: _uetvid
Value: d7400960bc3711eeb09045ca7ef61333
.bing.com/ Name: MUID
Value: 117BE8CFE2CD61FA20D9FCDDE3A66049
.bnsflshkytol.fun/ Name: _dc_gtm_UA-7334285-15
Value: 1
.bnsflshkytol.fun/ Name: _dc_gtm_UA-7334285-26
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://bnsflshkytol.fun/img/platform.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/413296515516303?v=2.9.142&r=stable&domain=bnsflshkytol.fun&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97(Line 80)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://analytics.tvlyzer.com/api/v1/TrackEvent
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tvlyzer.com
analytics.twitter.com
bat.bing.com
bnsflshkytol.fun
cdn-analytics.tvlyzer.com
connect.facebook.net
evnt.byspotify.com
ext.leadercapital.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pixel.byspotify.com
region1.analytics.google.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
trck.spoteffects.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
104.244.42.197
104.244.42.67
146.75.116.157
2001:4860:4802:34::36
2600:9000:2133:8800:1e:c874:4cc0:93a1
2606:4700:4400::ac40:90b5
2606:4700::6810:3865
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
34.111.186.1
34.117.162.98
40.119.158.131
85.153.155.52
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
22940e9373b9f48af94bf1e0fb292e09257bc9ffb22bdaea91f8be7b8402a3d7
24eec40e3fa3b532c35be933857997620e8f2d62e9c8dc31a8882b8bdda1f5d3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f4978db3a4257224ba3cabcb24cbca534f5e0b5c85a40cc70c60bc4b68cd1b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c8612a7d57ad667a4736f5fbc08f6e1b9e9dcfe60ad559a1b09d22ae443eb5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6cc4309a40da1d482476edbb33908db644c6f2ad87cc02b096e23515a7c63ade
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
76b203bdd1f2340dc6229ec4f8c00d99bc646285b34aae53ce3982bb691a530b
7ca429a557fb22f8ce7d05548408483bd549cca632c98016f88328eae5ddb12f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fb45207a4fedbc7c4256131404241e29b8cfecc4accf43006f3cdb3dd31510f
90ba2ef9ef8fb5fd2c6a50ffa0fc4339690c58902bbb7948bc86405735f8e463
94d763a5604b468e6f571e61d0b0e15293adcca5f6dd665a8a94510a2773938d
96b887f69796aac66102f228debb8398f764aa518d4f37fb4b692e0e15bfa822
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af236cacc7cb219b71abfc32f38c9caf22f9a92062189c9dfd7fff7adc749307
b0fc5425fd9540e5228690a407cd9b8e5a42f3edb64224b2c7f56cbf7754f5eb
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c088571ef3693d77db57c3763bb9ef07812ec1cf56bc9a1123173ba2e74e38b2
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc647fe4704009a350022dc3de5afc19a4e24efb62d5295299b6e411d2061b18