urlscan.io logo urlscan.io
SecurityTrails logo

49.13.162.68.sslip.io Open in urlscan Pro
49.13.162.68  Public Scan

Go To Rescan Add Verdict Report
URL: https://49.13.162.68.sslip.io/
Submission: On January 29 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 23 domains to perform 49 HTTP transactions. The main IP is 49.13.162.68, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is 49.13.162.68.sslip.io.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 28th 2024. Valid for: 3 months.
This is the only time 49.13.162.68.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 49.13.162.68 24940 (HETZNER-AS)
5 172.67.166.79 13335 (CLOUDFLAR...)
10 172.240.253.132 7979 (SERVERS-COM)
1 2607:f8b0:400... 15169 (GOOGLE)
3 45.133.44.52 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 44.206.156.11 14618 (AMAZON-AES)
1 192.243.59.13 39572 (ADVANCEDH...)
2 104.20.95.138 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 45.133.44.24 39572 (ADVANCEDH...)
1 192.243.61.227 39572 (ADVANCEDH...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a01:4f8:252:... 24940 (HETZNER-AS)
2 45.133.44.53 39572 (ADVANCEDH...)
2 157.90.84.242 24940 (HETZNER-AS)
5 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 192.243.61.225 39572 (ADVANCEDH...)
49 21
1    49.13.162.68 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.162.13.49.clients.your-server.de
49.13.162.68.sslip.io
5    172.67.166.79 (United States)

ASN13335 (CLOUDFLARENET, US)
kir2kos.net
10    172.240.253.132 (United States)

ASN7979 (SERVERS-COM, US)
ineffectivebrieflyarchitect.com
neutralturbulentassist.com
1    2607:f8b0:4006:80b::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpadmngr.com
js.capndr.com
1    2606:4700:3038::6815:ea21 (United States)

ASN13335 (CLOUDFLARENET, US)
friendshipmale.com
2    44.206.156.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-156-11.compute-1.amazonaws.com
proftrafficcounter.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
rodplayed.com
2    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
statcounter.com
c.statcounter.com
1    2607:f8b0:4006:817::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
na.nawpush.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
capaciousdrewreligion.com
1    2606:4700:20::ac43:4ada (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.yourwebbars.com
1    2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
2    2a01:4f8:252:561a::2 (Germany)

ASN24940 (HETZNER-AS, DE)
ntvpforever.com
2    45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
f7c9e2dd9e.eb24b5a887.com
js.wpushsdk.com
2    157.90.84.242 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
5    2606:4700:e4::ac40:a004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.creative-bars1.com
1    2607:f8b0:4006:81d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
unseenreport.com
Apex Domain
Subdomains		 Transfer
8 neutralturbulentassist.com
neutralturbulentassist.com
9 KB
5 creative-bars1.com
cdn.creative-bars1.com — Cisco Umbrella Rank: 27267
30 KB
5 kir2kos.net
kir2kos.net
22 KB
2 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 21727
850 B
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 37830
441 B
2 ntvpforever.com
ntvpforever.com — Cisco Umbrella Rank: 61972
238 B
2 statcounter.com
statcounter.com — Cisco Umbrella Rank: 9733
c.statcounter.com — Cisco Umbrella Rank: 10394
16 KB
2 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 15666
610 B
2 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 17201
35 KB
2 ineffectivebrieflyarchitect.com
ineffectivebrieflyarchitect.com
42 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 wpushsdk.com
js.wpushsdk.com — Cisco Umbrella Rank: 72348
45 KB
1 eb24b5a887.com
f7c9e2dd9e.eb24b5a887.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 32053
904 B
1 yourwebbars.com
cdn.yourwebbars.com — Cisco Umbrella Rank: 50056
1 KB
1 capaciousdrewreligion.com
capaciousdrewreligion.com
329 B
1 capndr.com
js.capndr.com — Cisco Umbrella Rank: 39610
238 B
1 nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 51483
1 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
258 B
1 rodplayed.com
rodplayed.com
469 B
1 friendshipmale.com
friendshipmale.com — Cisco Umbrella Rank: 18684
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 sslip.io
49.13.162.68.sslip.io
19 KB
49 23
Domain Requested by
8 neutralturbulentassist.com ineffectivebrieflyarchitect.com
49.13.162.68.sslip.io
5 cdn.creative-bars1.com ineffectivebrieflyarchitect.com
5 kir2kos.net 49.13.162.68.sslip.io
kir2kos.net
2 unseenreport.com
2 fp.metricswpsh.com js.wpadmngr.com
2 ntvpforever.com js.wpadmngr.com
2 proftrafficcounter.com ineffectivebrieflyarchitect.com
2 js.wpadmngr.com 49.13.162.68.sslip.io
js.wpadmngr.com
2 ineffectivebrieflyarchitect.com 49.13.162.68.sslip.io
1 fonts.googleapis.com ineffectivebrieflyarchitect.com
1 js.wpushsdk.com js.wpadmngr.com
1 f7c9e2dd9e.eb24b5a887.com js.wpadmngr.com
1 storage.multstorage.com js.wpadmngr.com
1 cdn.yourwebbars.com ineffectivebrieflyarchitect.com
1 capaciousdrewreligion.com ineffectivebrieflyarchitect.com
1 js.capndr.com js.wpadmngr.com
1 na.nawpush.com js.wpadmngr.com
1 www.google-analytics.com www.googletagmanager.com
1 c.statcounter.com statcounter.com
1 statcounter.com 49.13.162.68.sslip.io
1 rodplayed.com 49.13.162.68.sslip.io
1 friendshipmale.com ineffectivebrieflyarchitect.com
1 www.googletagmanager.com 49.13.162.68.sslip.io
1 49.13.162.68.sslip.io
49 24

This site contains links to these domains. Also see Links.

Domain
kir2kos.net
dastansexy.com
mame85.com
www.statcounter.com
rodplayed.com
Subject Issuer Validity Valid
dir.zarebinman.store
ZeroSSL ECC Domain Secure Site CA		 2024-01-28 -
2024-04-27		 3 months crt.sh
kir2kos.net
E1		 2024-01-28 -
2024-04-27		 3 months crt.sh
ineffectivebrieflyarchitect.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
js.wpadmngr.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
friendshipmale.com
Cloudflare Inc ECC CA-3		 2024-01-18 -
2024-12-31		 a year crt.sh
proftrafficcounter.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
rodplayed.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
na.nawpush.com
R3		 2024-01-28 -
2024-04-27		 3 months crt.sh
js.capndr.com
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
neutralturbulentassist.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
capaciousdrewreligion.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-23 -
2024-07-22		 a year crt.sh
multstorage.com
GTS CA 1P5		 2024-01-18 -
2024-04-17		 3 months crt.sh
notification.tubecup.net
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
f7c9e2dd9e.eb24b5a887.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
js.wpushsdk.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
creative-bars1.com
GTS CA 1P5		 2023-12-19 -
2024-03-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.unseenreport.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://49.13.162.68.sslip.io/
Frame ID: BAA7753E21655897D0182BB892DDF318
Requests: 44 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: EF0C8A822386E37DC5D67B5E08F61951
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Frame ID: 84403DCD126958F3E22BD3D0171958C5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

(1) New Message!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Page Statistics

49
Requests

90 %
HTTPS

40 %
IPv6

23
Domains

24
Subdomains

21
IPs

3
Countries

344 kB
Transfer

1145 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
49.13.162.68.sslip.io/ 		153 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.13.162.68 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.68.162.13.49.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
95b4293594fb031269955ca1c6535961bd05c76c25fb7f551d0022cc2f6b5f5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2939
cache-control
public
content-encoding
gzip
content-length
18643
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 00:49:48 GMT
link
<https://kir2kos.net/wp-json/>; rel="https://api.w.org/"
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
HIT
x-cacheable
YES
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style-rtl.min.css
kir2kos.net/wp-includes/blocks/navigation/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kir2kos.net/wp-includes/blocks/navigation/style-rtl.min.css?ver=6.4.2
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.166.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
956b7121829fe2188560543ff4cf56ccb89e937be7036b20411a6fd44d128cea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 00:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b6f1a2-409c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMr%2FpSz6QDpm%2Fdk3OlyTxg%2FnH3KPurDICd32o8f3jWhLzxullH4hNnViWtvoougM88PXj69wHg6xHtPMSJgnAUt93ThxCabBklxT8tKoj2GT2Ov9JnyFBbMnwYLwbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84cd7a398e784bc9-BUF
alt-svc
h3=":443"; ma=86400
079bab04-83b7-4bfd-ac6e-73f49d0a1770
https://49.13.162.68.sslip.io/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://49.13.162.68.sslip.io/079bab04-83b7-4bfd-ac6e-73f49d0a1770
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
uaf.css
kir2kos.net/wp-content/uploads/useanyfont/ 		631 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kir2kos.net/wp-content/uploads/useanyfont/uaf.css?ver=1704969925
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.166.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec73d7d8589f62168ab396fedeb284fb570ad42f980aef5d3d014bbb82f93899

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 11 Jan 2024 10:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"659fc6c4-277"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hXAxBsQd%2F836Hop34cHzZG70gvClXwXPAtEUqtDnI0uYzJyI6Nkl8hdUycMPCcZSE8%2BUMpobhX0MxpcFYh8Njd%2BN2Dlh1ts8hlHF1%2B26JJRw4gfSAjL7Gqd%2FLVB4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
84cd7a398e774bc9-BUF
alt-svc
h3=":443"; ma=86400
interactivity.min.js
kir2kos.net/wp-includes/js/dist/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kir2kos.net/wp-includes/js/dist/interactivity.min.js?ver=6.4.2
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.166.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 00:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b6f1a2-7e19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESQZU2RROyL9dwExNlz2bayzRbf5upVtWtlpDta8E%2Bj9NGVfB%2B7X6HES0EbsvrMcaO9jtW7jD36lYybZQOrMPS2Ir%2Beq4t%2Bh9UMOdC5z%2BGh1ef%2B5uMpqyFnk265i1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
84cd7a398e794bc9-BUF
alt-svc
h3=":443"; ma=86400
view.min.js
kir2kos.net/wp-includes/blocks/navigation/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kir2kos.net/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.166.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 00:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b6f1a2-e02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvAyJHtr1MrlcSOzQN6w39%2BrNO8rSBgVa0d9WiAlERAkE5IGq0hPllEocvppmWHpPDvZMI9jmk5e1qMyE3edi9SwPd%2FqhMmytwmN2i%2FsKNhsE%2BmtbLz8pQA%2B8eKMZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
84cd7a398e7a4bc9-BUF
alt-svc
h3=":443"; ma=86400
608234c3384bbb5d4e156efd29a0e1da.js
ineffectivebrieflyarchitect.com/60/82/34/ 		66 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ineffectivebrieflyarchitect.com/60/82/34/608234c3384bbb5d4e156efd29a0e1da.js
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
64a702eefb94c666612ce968d98854130e26721d50a9ddcd71f3fd7a8b12ed1a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:49 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
a49e590840b1c57f3ed37f4c9f71e5cf
Expires
Thu, 01 Jan 1970 00:00:01 GMT
42d571de2adb7f7b0e601ebaba56c3be.js
ineffectivebrieflyarchitect.com/42/d5/71/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
4d18396cb3ab2cea5f507da529788bd29f1ba65d1aa59652d4ce908b55c06ff7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:49 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
ab8fbbb3292272458b24dbbcce1745b8
Expires
Thu, 01 Jan 1970 00:00:01 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TPLRMQ2RQD
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d4cea3888904f3815989893aff9db7d5d58e5a284ad604a9fecada677352909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 00:49:49 GMT
adManager.js
js.wpadmngr.com/static/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 00:54:49 GMT
date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
gzip
last-modified
Tue, 16 Jan 2024 12:25:43 GMT
server
nginx/1.18.0
etag
W/"65a675c7-6c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
3275dana.woff2
kir2kos.net/wp-content/uploads/useanyfont/ 		0
0
sfp.js
friendshipmale.com/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friendshipmale.com/sfp.js
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/60/82/34/608234c3384bbb5d4e156efd29a0e1da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
9257001ce1fe44904970bf3a73c325c5
last-modified
Mon, 29 Jan 2024 00:48:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEvhKeMhALlYd3hnOsVe6BKPSg%2FM%2BSAPDShchduh7VaQ6vmfA3%2BDoFjYrG%2BW6rrkk5q9YkdM1f6U8fxOEHeuu98u8rHKrXSdo3sLuK7L6h9BIiNk1PSOWOX0%2FyAB%2B8%2F7%2Bm6R8KzLfFFKKr%2FZE38FWLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84cd7a3c4a284bcc-BUF
expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/ 		40 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/60/82/34/608234c3384bbb5d4e156efd29a0e1da.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.156.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-156-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
39712d91f198246411f266af54d52c141b9754d2b95b001f05cc85680e9ee254

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://49.13.162.68.sslip.io
date
Mon, 29 Jan 2024 00:49:49 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
purst
rodplayed.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rodplayed.com/pixel/purst?dl=0&th=0&sc=0&rs=1677.5&rd=1677.5&fd=397.5&bv=24.1.v.7&tmpl=70
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:49 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/ 		40 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.156.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-156-11.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
a85b262c4f687dd7584bf26192db744e6e99715e5522abd563f7510f764f1563

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
https://49.13.162.68.sslip.io
date
Mon, 29 Jan 2024 00:49:49 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
counter.js
statcounter.com/counter/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statcounter.com/counter/counter.js
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

Referer
https://49.13.162.68.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jan 2024 18:01:08 GMT
server
cloudflare
age
29516
etag
W/"65b2a1e4-a313"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
84cd7a3c2da2a1d8-YYZ
expires
Mon, 29 Jan 2024 04:37:53 GMT
t.php
c.statcounter.com/ 		364 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=10729867&u1=1CB4EC2D2DE34F233588D2FC718D1405&java=1&security=2356df00&sc_snum=1&sess=75b702&sc_rum_e_s=1818&sc_rum_e_e=1830&sc_rum_f_s=0&sc_rum_f_e=1814&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//49.13.162.68.sslip.io/&t=%D8%A7%D9%86%D8%AC%D9%85%D9%86%20%D8%B3%DA%A9%D8%B3%DB%8C%20%DA%A9%DB%8C%D8%B1%20%D8%AA%D9%88%20%DA%A9%D8%B3%20%E2%80%93%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%AC%D8%AF%DB%8C%D8%AF%D8%AA%D8%B1%DB%8C%D9%86%20%D9%81%DB%8C%D9%84%D9%85%20%D9%88%20%DA%A9%D9%84%DB%8C%D9%BE%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C%20%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%20%D9%88%D8%AE%D8%A7%D8%B1%D8%AC%DB%8C%20%D9%88%20%D8%B9%DA%A9%D8%B3%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C%20%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%20%D9%88%20%D8%AF%D8%A7%D8%B3%D8%AA%D8%A7%D9%86%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C&get_config=true
Requested by
Host: statcounter.com
URL: https://statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae748f5d22f784eca1e0cda407b3dda3f7f2cb8dd0f1dc7516101b7b527dfd1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://49.13.162.68.sslip.io
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
84cd7a3caecda1d8-YYZ
expires
Mon, 26 Jul 1997 05:00:00 GMT
adManager.m.js
js.wpadmngr.com/static/ 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
70bef0b9b90f224dcce56929057d20668fd82f6a6044195d3655b893657ff11b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 00:54:49 GMT
date
Mon, 29 Jan 2024 00:49:49 GMT
content-encoding
gzip
last-modified
Tue, 16 Jan 2024 12:25:49 GMT
server
nginx/1.18.0
etag
W/"65a675cd-1986b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
workbox-window.prod.js
kir2kos.net/wp-content/plugins/pwa/wp-includes/js/workbox-v7.0.0/ 		0
0
collect
www.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TPLRMQ2RQD&gtm=45je41o0v9167861099&_p=1706489389524&gcd=11l1l1l1l1&dma=0&cid=1422014617.1706489390&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706489389&sct=1&seg=0&dl=https%3A%2F%2F49.13.162.68.sslip.io%2F&dt=%D8%A7%D9%86%D8%AC%D9%85%D9%86%20%D8%B3%DA%A9%D8%B3%DB%8C%20%DA%A9%DB%8C%D8%B1%20%D8%AA%D9%88%20%DA%A9%D8%B3%20%E2%80%93%20%D8%AF%D8%A7%D9%86%D9%84%D9%88%D8%AF%20%D8%AC%D8%AF%DB%8C%D8%AF%D8%AA%D8%B1%DB%8C%D9%86%20%D9%81%DB%8C%D9%84%D9%85%20%D9%88%20%DA%A9%D9%84%DB%8C%D9%BE%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C%20%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%20%D9%88%D8%AE%D8%A7%D8%B1%D8%AC%DB%8C%20%D9%88%20%D8%B9%DA%A9%D8%B3%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C%20%D8%A7%DB%8C%D8%B1%D8%A7%D9%86%DB%8C%20%D9%88%20%D8%AF%D8%A7%D8%B3%D8%AA%D8%A7%D9%86%20%D9%87%D8%A7%DB%8C%20%D8%B3%DA%A9%D8%B3%DB%8C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1889
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPLRMQ2RQD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 00:49:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://49.13.162.68.sslip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6211eaf7c2150a16763dcc0eb1cbdea6325cbb9d959e12b3cbd8d8c8b0662689

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
3275dana.woff
kir2kos.net/wp-content/uploads/useanyfont/ 		0
0
wp-emoji-release.min.js
kir2kos.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kir2kos.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.166.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Jan 2024 00:30:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b6f1a2-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2rHzoUpTQG7%2FrCemvGmbrb%2F%2BQkGju8u1mlJg5nhKdCXjpwSp9mjVTD2eTouEkaG49%2Frre9cyYGFj%2BFNHNmnmCMQ2L6%2FI7OfkrVuI4LN%2BAdGIv9v0yECNF7AWDCKmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
84cd7a3e38ca4bc9-BUF
alt-svc
h3=":443"; ma=86400
108201
na.nawpush.com/tags/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/108201?version_name=b
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
29ff3d2a341996415c95e45e310ab9be5df2765c7988077fcac90d4312caab01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 29 Jan 2024 00:49:49 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.18.0
content-length
1218
x-proxy-cache
HIT
advertising.js
js.capndr.com/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 00:54:50 GMT
date
Mon, 29 Jan 2024 00:49:50 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
sbar.json
neutralturbulentassist.com/ 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://neutralturbulentassist.com/sbar.json?key=42d571de2adb7f7b0e601ebaba56c3be&uuid=f95362e8-bf6a-4334-9b4a-b58d84940731%3A1%3A1
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
88ac94d75dc630cbc4741c37b1fd1aa800abc65b06c6b4ee376e9f45d5713469
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Custom-Referer
https://49.13.162.68.sslip.io
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://49.13.162.68.sslip.io
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
52e4b7815afce55550c7f7082aa126fb
Expires
Thu, 01 Jan 1970 00:00:01 GMT
advertisers.js
capaciousdrewreligion.com/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capaciousdrewreligion.com/advertisers.js
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/60/82/34/608234c3384bbb5d4e156efd29a0e1da.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
cffe3b0df872e4c851ae32e2011ec111
Expires
Thu, 01 Jan 1970 00:00:01 GMT
index.html
cdn.yourwebbars.com/sb/notifications/software/multi/flashplayer/window/1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.yourwebbars.com/sb/notifications/software/multi/flashplayer/window/1/index.html
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4ada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c82d1026067991e0ea063780caa825808657837675e8cc8ffb1f0e04a59820b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Jan 2024 14:25:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fxcXvx0Srbq4s3m1srDmHv%2FJh2ryOk%2BzSiDuL%2BR8OmuqzR7eAYo6iyrK9S6F5R3LGj9wRHmCBbsgVYJHmAvUIRnGWiBuhMURmtZbHoGhviydH42%2FUmNtmthAflQoLKwmXRnEebzWqH%2Fn21a4niN%2FhI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
84cd7a40ffac4bbb-BUF
expires
Thu, 31 Dec 2037 23:55:55 GMT
ren.gif
neutralturbulentassist.com/ 		7 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHnMziHoSRehDDlnIzvZ093TPEEjIj9GwSQzJhj1XdVXPVqanqqnqnt7sxWBAcpyQi57s%2FSbJoomgCJ7UyKwHZUHIeHFB12vQi14UDILM7sLig%2BK9V%2B97UN9X33vr5Q5poaTbxUW9JrOMLrSbnnt0WSquK%2BteWnJbXtM77i5LFYXH3dUonHNP5XkmlgVblMVCO4ibQeQeXXxr6eKFY24m%2B8J9UyR9PeeeWTF6IBZavtf0mpHX7TZ9P3Sv0pQaub8HmT%2FqRs1u0w%2BjZqsbYdX8v7elA0sd8OEOeRmSTw9%2F734HmUygBp%2BeFbZf6PzYG4Myo4U2GPKNa6qvdKUwOChT4yBVG%2FtoaDsl5P0GtNrYZwk9vDdjCSanxPn3BJh6sPd4sOG45XtgGYQC48%2BjGk4gsgkknSDRtyD5E%2FIrEo5rV6EGn1xTshDcvVrQQlhIuomEzkBT0nj8AWQ1JY3fD0MNPr8kVoVW7pJIVpTOdE8Ki9W0hlydQPYmyMtNFGvPIKtNJMW7kPwHcvGZgBpsnC7TlGYakm8fSbvtIPJFZ56lEZ0PgyCc77KQzrN2h3fCbujFQWtXLiknkOkEmRiBWgfl7EgHZdpAmTcw4Nsu5TyIAp6wKI6DTtjq8E67nYh2yvw4TEQLZTLjMkKRj5BkIyTmJnJzE305gim%2FgV2pYbkDWxAMeY1KEFSWoKIElSSoCoJqWN%2FnmfVt%2FYBntmSt%2Fezv56Ae66K3Tu%2FroicUATV3Guv5DnlppqLjLv6Mvth2Q5%2B34xYXPuUsTmPmichrCUYZbUdJwASsrCFtY5frmnyy%2BBS5fDL3FIxOYLMJEvkiaPk6aDWOfQ90ZRx2PKyph31p%2FL62TSUKcF0jLw6huOGsZzvktd2PXDz%2BN0SydfKfV%2B4WX15%2FB4mpkZsa1%2BW3BL3s9viKrsi9K7qy5LO380IO5BotpFa7njj08aK4UWnDz5%2B1o49OJbPBrHy0JGxxgSouVc%2BSh6cl58Kc0yYR5Kvzdlmwy6VdOV0aVeYXLp85d36QG2Gt1GoCOjNt9BMSOSUvrN%2FdNfHcnycgzQSmrDEot8h%2BQOpNJPlN2Hzr5G9Hfll49cOvYTWByQ4wLHdQlfXY%2BOzgMpMEmTjoKathxYEITGw9%2FmNvNjZ0tk1lvW5vo2cc0OIW1KDG0NQYZjVoNoItnxsXudk6%2BWOwG2CZM2aZce6xzGR39mS2ctv1YxamLPYY92O%2FlQoRph4PWdAWYdxlSYrCTsUXfzX%2FAwAA%2F%2F8BAAD%2F%2F2%2B8iovKBAAA
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
c616876deaca1b18fd0fdba7bcf83da2
Expires
Thu, 01 Jan 1970 00:00:01 GMT
count.html
storage.multstorage.com/log/ Frame EF0C 		882 B
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer
https://49.13.162.68.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84cd7a4139784bd8-BUF
content-encoding
br
content-type
text/html
date
Mon, 29 Jan 2024 00:49:50 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehoZcabTqBgxqa%2F4Ij6PmGc8x4iD4waAYrigx18DTot6q24owFQC%2F%2B0jeUqZS72MZdqhSsu5B%2B4r0agBnIxDn%2BbvnOBz1I3%2F64Yvgu7TZ3L9aWNGKit7lJxHycpdVdtKVotq5zH6Zp8pg0zJZequ4VY1gXwFKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
1cb8362951e0ea2def821aaaeaf5c7a2
keywords
ntvpforever.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://49.13.162.68.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Mon, 29 Jan 2024 00:49:50 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
keywords
ntvpforever.com/ 		15 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:252:561a::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8

Request headers

Referer
https://49.13.162.68.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 00:49:50 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
15
track
f7c9e2dd9e.eb24b5a887.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f7c9e2dd9e.eb24b5a887.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI0MTgyMjAzMTAwNzkwNzk2MzAwIiwidGltZXpvbmUiOi0xMCwidmVyIjoiMy4xMDAuMSIsInRhZ19pZCI6MTA4MjAxLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiUGFjaWZpYy9Ib25vbHVsdSIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM5LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiIlRDglQTclRDklODYlRDglQUMlRDklODUlRDklODYlMkMlRDglQjMlREElQTklRDglQjMlREIlOEMlMkMlREElQTklREIlOEMlRDglQjElMkMlRDglQUElRDklODglMkMlREElQTklRDglQjMlMkMlRTIlODAlOTMlMkMlRDglQUYlRDglQTclRDklODYlRDklODQlRDklODglRDglQUYlMkMlRDglQUMlRDglQUYlREIlOEMlRDglQUYlRDglQUElRDglQjElREIlOEMlRDklODYlMkMlRDklODElREIlOEMlRDklODQlRDklODUlMkMlRDklODglMkMlREElQTklRDklODQlREIlOEMlRDklQkUlMkMlRDklODclRDglQTclREIlOEMlMkMlRDglQjMlREElQTklRDglQjMlREIlOEMlMkMlRDglQTclREIlOEMlRDglQjElRDglQTclRDklODYlREIlOEMlMkMlRDklODglRDglQUUlRDglQTclRDglQjElRDglQUMlREIlOEMlMkMlRDklODglMkMlRDglQjklREElQTklRDglQjMlMkMlRDklODclRDglQTclREIlOEMlMkMlRDglQjMlREElQTklRDglQjMlREIlOEMlMkMlRDglQTclREIlOEMlRDglQjElRDglQTclRDklODYlREIlOEMlMkMlRDklODglMkMlRDglQUYlRDglQTclRDglQjMlRDglQUElRDglQTclRDklODYlMkMlRDklODclRDglQTclREIlOEMlMkMlRDglQjMlREElQTklRDglQjMlREIlOEMifQ==
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 00:49:50 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
npush.m.js
js.wpushsdk.com/npc/sdk/wpu/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
707f4bca62a098521539aad4688c70e7b244ccc91055e51613f8f8b1f5f7aad3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 00:54:50 GMT
date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2024 12:36:05 GMT
server
nginx/1.18.0
etag
W/"65b255b5-27f7c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ 		60 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=108201
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
6b114304b9275cf3df1b4bad7ed00026f9b33cea40b9e2a2804bc3f5f1996a24

Request headers

Referer
https://49.13.162.68.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://49.13.162.68.sslip.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
60
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=108201
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://49.13.162.68.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://49.13.162.68.sslip.io
Connection
keep-alive
Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
animate.css
cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/css/ 		77 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/css/animate.css
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:25:55 GMT
server
cloudflare
etag
W/"65aa8673-13365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7oPeUv6xtHqvou7kw%2FuZlVfMmzTTTu2ApFKu6BHS3d3gv0Ty9iHJA8DDQF6K5xbRWNLltq5hZDdoW7J26A2h5BuxtguxNMjFzhqMuSy2tFarHgwlps8FE0sWq%2FnaQcwXnM%2F5GxSPzrUrFGrWUiZINs1VoUU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
84cd7a4339f543ac-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/css/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/css/style.css
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e062116d996344aae14f1849893c69fb5dd185d896c22b314880b5eabb99c501

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:25:55 GMT
server
cloudflare
etag
W/"65aa8673-15d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFdWH%2FVQWY35yXEImvlS9QBBeKdAkRRwgYw5%2F7QJDII%2B3ylCb5LvfkD1FP4PqPC0FvHc%2BvT3FdZpjRS8JOJPDLTW%2F0%2FYdZ0u9cN704uhY7oGjQZX55GaNC8phXJMY5XWdOFcUgdsWTZpKansWsm8nPRqHWs9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
84cd7a4339f643ac-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/js/ 		37 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/js/script.js
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d92ddd0e48d1954cb1ede3e9c293c457509aa86e666e2722a3d3ccc7796195

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jan 2024 14:25:55 GMT
server
cloudflare
etag
W/"65aa8673-9493"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCMmvw57ZQioZiYnGA%2FtczmfZMCafmzTKZxJpLKh1eBhehdW6Rag55ntmO9ORbkNdJd%2BrJFOECiCMOjgrFdbbEjozMvX16UJE4srZZBLbjnuxzeKiAa1%2BDLNL6kD4HzdWx6ZthA3TVTzcXYOAIA1awX3%2Fz6M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
84cd7a4339f843ac-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
sbls
neutralturbulentassist.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/pixel/sbls?bv=24.4.2063&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Fwindow%2F1%2Findex.html&l=2954&fd=249.89999961853027
Requested by
Host: 49.13.162.68.sslip.io
URL: https://49.13.162.68.sslip.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ Frame 8440 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Requested by
Host: ineffectivebrieflyarchitect.com
URL: https://ineffectivebrieflyarchitect.com/42/d5/71/42d571de2adb7f7b0e601ebaba56c3be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jan 2024 23:47:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jan 2024 00:49:50 GMT
close.svg
cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/img/ Frame 8440 		1 KB
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/img/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba182efc8e5da5b955699c53488ccbd5b6b5d08a222d02f07ab9550c3fd768f9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5252000
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 03 Nov 2023 11:43:32 GMT
server
cloudflare
etag
W/"6544dce4-4a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhTHZ8nyWgBNAa9cMnGRntyO82VvcLiKtSxu8GGqdHGvBTyx6IJyCjdBFjQfYnVzt9YRE%2BtkS5Ey0EjHHXnRU0mIDcD4oGnG0F72ACdAmqtFNhzlQm%2BHt9bNtNwMV1S%2B%2Bk8SgHM1Sc27%2Bdx%2BeW1Ga%2Bom4%2FDj"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
cf-ray
84cd7a43ae33729e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/img/ Frame 8440 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/window/1/img/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8656402c2d50d97bda686e8e57cf38a8903e34f13eea0698097620038c1dcc6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 00:49:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1392059
alt-svc
h3=":443"; ma=86400
content-length
9042
last-modified
Fri, 03 Nov 2023 11:43:33 GMT
server
cloudflare
etag
"6544dce5-2352"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHvd2YdUISXzb5nU1irfigtGnVXxDRrkSlTdIS4elukP35hf%2FXeQHjmrlmpkJyC09iszZShW6zRuSEPT4NssUU7yd%2BfTrXvnMeKckfgFoVtgX3r4yHaJqUs469fwEnK1qTBLI8ObYrhA0D94Xn7Ss5sqWXUA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
84cd7a43ae38729e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
pxf.gif
unseenreport.com/ 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unseenreport.com/pxf.gif?uuid=15531562-aefa-4bfe-b618-6d397cb6615d&eb=073bd53fc1731876576eddecf2cab2f9&te=f7cbe15081e4fbc5f4178ea1da69446c&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=608234c3384bbb5d4e156efd29a0e1da&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
047083b85e2ab037126183c5a5d4d049
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pxf.gif
unseenreport.com/ 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unseenreport.com/pxf.gif?uuid=15531562-aefa-4bfe-b618-6d397cb6615d&eb=073bd53fc1731876576eddecf2cab2f9&te=f7cbe15081e4fbc5f4178ea1da69446c&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=42d571de2adb7f7b0e601ebaba56c3be&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:51 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
30a312ad113b637a8cc2133debddacc5
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
neutralturbulentassist.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/pixel/sbls?bv=24.4.2063&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Fwindow%2F1%2Fcss%2Fanimate.css&l=78693&fd=266.5999994277954
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
neutralturbulentassist.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/pixel/sbls?bv=24.4.2063&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Fwindow%2F1%2Fcss%2Fstyle.css&l=5587&fd=328.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbls
neutralturbulentassist.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/pixel/sbls?bv=24.4.2063&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fmulti%2Fflashplayer%2Fwindow%2F1%2Fjs%2Fscript.js&l=27635&fd=348.8999996185303
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
impr.gif
neutralturbulentassist.com/ 		7 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHnMziHoSRehDDlnIzvZ09%2FTMEEjIj9GwSQzJhj1XddXMVqamqqnqnt7sxWBAcpyQi57s%2FSbJoomgCJ7UyKwHZUHIeHFB12vQi14UDILM7sLig%2BK9V%2B97UN9X33vrxQ5poKDb%2BUWzJpWiC8164B9dlpqb0vmXlvxGUA%2BO%2B8tSJ%2FFxfzWJ5%2FxTWabEsmCLMl9oRq16lPhHF99aunjhmK9kX%2FhvirRv5vwzK9YMxEIjDOpBPQk6nXoYxv5V2qVW7u9BZo86Sb1TD%2BOk3ugkWLX%2F713hwVEPfLhDXobk08Pf%2B99BphPowadnhevnJjv2xqBQNDcWQ75xTfe1KTUGB2XXeujqjX00jJsS8n4NRm%2Fss4QZ3puxBJNT4v17Akw%2F2Hs82HDcCAMwBaHB%2BPMohxMINYGkE6TmFiR%2FQn5FynHtKvTgk2ta5oL7V3OaCwdJN5HSGWhKao8%2FgCynpPb7YejB55fEqjDaXxLpijbK9KRwWO1WkKsTyN4EWbGJfO0ZZLmJNH8Xkv9ALj4T0ION00W3S5WB5NtHup1mlISiPc%2B6CZ2Poyie77CYzrNmm7fjThy0osauXFJOILsTKDECdR6K2ZEeim4NRVbDgG%2F7lPMoiXjKklYraseNNm83m6lodlnYilPRQJHOuIyQZyOkaoTU3kRmb6IvR7DFN3ArFRz34HKCIa9QCoLSEZSUoJQEZU5QDqv7XLnQVQ%2B4cgVr7OdwP0fV2OS9dXrf5D2hCai9U1vPdshLMxU9f%2FFn9MW2H4e82WpwEVLOWt0WC0QSNASjjDaTNGICTlaQrrbLdU0%2BWXyKTD6ZewpGJ3BqglS%2BCFq8DlqOW2EAujKO2wHW9MO%2BtGHfuLoWObipkOWHkN%2Fw1tUOeW33IxeP%2Fw2Rbp3855W7%2BZfX30FqK2S2wnX5LUFP3R5fMSW5d8WUjnz2dpbLgVyjuTR61xOHPl4UN0pj%2BfmzbvTRqXQ2mJWPloTLL1DNpe458vC05FzYc8amgnx13i0LdrlwK6cLq4vswuUz584PMiuck0ZPQGemTX5CKqfkhfW7uyae%2B%2FMEpJ3AFhUGxRbZD0iziTS7CZdtnfztyC8Lr374NZwhsOoAwzIPZVGNbcgOLpUkUOKgp6yCEwciMLH1%2BI%2B92djS2TaV1bq7jZ71QPNb0IMKQ1thqCpQNYIrnhvnmd06%2BWO0G2DKGzNlvXtMWXVnT2Ynt%2F1GxEMqwqBJm%2B12O%2BCMtltNntKEJa1YhAFyNxVf%2FFX%2FDwAA%2F%2F8BAAD%2F%2F%2B%2B1%2BZ%2FKBAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
00a54a44531e44e75ab7ace75bddc0c2
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sbs
neutralturbulentassist.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://neutralturbulentassist.com/pixel/sbs?c=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://49.13.162.68.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 00:49:50 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kir2kos.net
URL
https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff2
Domain
kir2kos.net
URL
https://kir2kos.net/wp-content/plugins/pwa/wp-includes/js/workbox-v7.0.0/workbox-window.prod.js
Domain
kir2kos.net
URL
https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| a0J function| a0S object| LieDetector object| AaDetector object| mm function| _0xa466 function| _0x3934 object| sbslms number| sc_project number| sc_invisible string| sc_security string| scJsHost function| _statcounter function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| __WordPressPrivateInteractivityAPI__ function| onYouTubeIframeAPIReady object| gaGlobal function| _0x39b4 function| _0x61bf object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam object| twemoji object| wp object| activesInpages function| __fp-init

22 Cookies

Domain/Path Name / Value
ineffectivebrieflyarchitect.com/60/82/34 Name: 4b4e7ab587d59b22ad7bcd2439afc363_cf-3003
Value: 1
proftrafficcounter.com/ Name: uid_id2
Value: 15531562-aefa-4bfe-b618-6d397cb6615d:3:1
.49.13.162.68.sslip.io/ Name: sc_is_visitor_unique
Value: rx10729867.1706489390.1CB4EC2D2DE34F233588D2FC718D1405.1.1.1.1.1.1.1.1.1
49.13.162.68.sslip.io/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 15531562-aefa-4bfe-b618-6d397cb6615d%3A3%3A1
.sslip.io/ Name: _ga_TPLRMQ2RQD
Value: GS1.1.1706489389.1.0.1706489389.0.0.0
.sslip.io/ Name: _ga
Value: GA1.1.1422014617.1706489390
.statcounter.com/ Name: is_unique
Value: sc10729867.1706489389.0
.statcounter.com/ Name: is_visitor_unique
Value: 1706489389376314319
49.13.162.68.sslip.io/ Name: pp_main_608234c3384bbb5d4e156efd29a0e1da
Value: 1
49.13.162.68.sslip.io/ Name: sb_page_42d571de2adb7f7b0e601ebaba56c3be
Value: 1
49.13.162.68.sslip.io/ Name: sb_main_42d571de2adb7f7b0e601ebaba56c3be
Value: 1
49.13.162.68.sslip.io/ Name: sb_count_42d571de2adb7f7b0e601ebaba56c3be
Value: 1
49.13.162.68.sslip.io/ Name: sb_onpage_42d571de2adb7f7b0e601ebaba56c3be
Value: 1
neutralturbulentassist.com/ Name: u_pl
Value: 18893788
neutralturbulentassist.com/ Name: uid_id2
Value: f95362e8-bf6a-4334-9b4a-b58d84940731:1:1
neutralturbulentassist.com/ Name: pdhtkv
Value: true
neutralturbulentassist.com/ Name: uncs
Value: 1
neutralturbulentassist.com/ Name: pdhtkv29
Value: true
neutralturbulentassist.com/ Name: uncs29
Value: 1
neutralturbulentassist.com/ Name: slec42d571de2adb7f7b0e601ebaba56c3be
Value: [4930551]
49.13.162.68.sslip.io/ Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf
Value: neutralturbulentassist.com
fp.metricswpsh.com/ Name: id
Value: 4666989384214526210

8 Console Messages

Source Level URL
Text
javascript warning URL: https://49.13.162.68.sslip.io/(Line 910)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://49.13.162.68.sslip.io/(Line 910)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://49.13.162.68.sslip.io/
Message:
Access to font at 'https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff2' from origin 'https://49.13.162.68.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://49.13.162.68.sslip.io/
Message:
Access to script at 'https://kir2kos.net/wp-content/plugins/pwa/wp-includes/js/workbox-v7.0.0/workbox-window.prod.js' from origin 'https://49.13.162.68.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kir2kos.net/wp-content/plugins/pwa/wp-includes/js/workbox-v7.0.0/workbox-window.prod.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://49.13.162.68.sslip.io/
Message:
Access to font at 'https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff' from origin 'https://49.13.162.68.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kir2kos.net/wp-content/uploads/useanyfont/3275dana.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49.13.162.68.sslip.io
c.statcounter.com
capaciousdrewreligion.com
cdn.creative-bars1.com
cdn.yourwebbars.com
f7c9e2dd9e.eb24b5a887.com
fonts.googleapis.com
fp.metricswpsh.com
friendshipmale.com
ineffectivebrieflyarchitect.com
js.capndr.com
js.wpadmngr.com
js.wpushsdk.com
kir2kos.net
na.nawpush.com
neutralturbulentassist.com
ntvpforever.com
proftrafficcounter.com
rodplayed.com
statcounter.com
storage.multstorage.com
unseenreport.com
www.google-analytics.com
www.googletagmanager.com
kir2kos.net
104.20.95.138
157.90.84.242
172.240.253.132
172.67.166.79
192.243.59.13
192.243.61.225
192.243.61.227
2606:4700:20::ac43:4ada
2606:4700:3032::ac43:ae33
2606:4700:3038::6815:ea21
2606:4700:e4::ac40:a004
2607:f8b0:4006:80b::2008
2607:f8b0:4006:817::200e
2607:f8b0:4006:81d::200a
2a01:4f8:252:561a::2
44.206.156.11
45.133.44.24
45.133.44.52
45.133.44.53
49.13.162.68
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8
29ff3d2a341996415c95e45e310ab9be5df2765c7988077fcac90d4312caab01
2d4cea3888904f3815989893aff9db7d5d58e5a284ad604a9fecada677352909
39712d91f198246411f266af54d52c141b9754d2b95b001f05cc85680e9ee254
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4d18396cb3ab2cea5f507da529788bd29f1ba65d1aa59652d4ce908b55c06ff7
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
6211eaf7c2150a16763dcc0eb1cbdea6325cbb9d959e12b3cbd8d8c8b0662689
64a702eefb94c666612ce968d98854130e26721d50a9ddcd71f3fd7a8b12ed1a
6b114304b9275cf3df1b4bad7ed00026f9b33cea40b9e2a2804bc3f5f1996a24
707f4bca62a098521539aad4688c70e7b244ccc91055e51613f8f8b1f5f7aad3
70bef0b9b90f224dcce56929057d20668fd82f6a6044195d3655b893657ff11b
88ac94d75dc630cbc4741c37b1fd1aa800abc65b06c6b4ee376e9f45d5713469
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
8debf919f9d44ba37fa60607809c029f16307d1b27d5472eccb2234563d713bc
956b7121829fe2188560543ff4cf56ccb89e937be7036b20411a6fd44d128cea
95b4293594fb031269955ca1c6535961bd05c76c25fb7f551d0022cc2f6b5f5c
98d92ddd0e48d1954cb1ede3e9c293c457509aa86e666e2722a3d3ccc7796195
9c82d1026067991e0ea063780caa825808657837675e8cc8ffb1f0e04a59820b
a85b262c4f687dd7584bf26192db744e6e99715e5522abd563f7510f764f1563
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
ae748f5d22f784eca1e0cda407b3dda3f7f2cb8dd0f1dc7516101b7b527dfd1d
b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6
ba182efc8e5da5b955699c53488ccbd5b6b5d08a222d02f07ab9550c3fd768f9
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
d8656402c2d50d97bda686e8e57cf38a8903e34f13eea0698097620038c1dcc6
e062116d996344aae14f1849893c69fb5dd185d896c22b314880b5eabb99c501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
ec73d7d8589f62168ab396fedeb284fb570ad42f980aef5d3d014bbb82f93899
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966