urlscan.io logo urlscan.io
SecurityTrails logo

stitu.dc12.frantic.im Open in urlscan Pro
139.59.138.103  Public Scan

Go To Rescan Add Verdict Report
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Submission: On November 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 139.59.138.103, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is stitu.dc12.frantic.im.
This is the only time stitu.dc12.frantic.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 139.59.138.103 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
10 10 192.0.77.2 2635 (AUTOMATTIC)
10 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 146.59.152.98 16276 (OVH)
1 54.39.128.117 16276 (OVH)
29 11
3    139.59.138.103 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
stitu.dc12.frantic.im
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
mediapalmtree.com
10    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i0.wp.com
10    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ytimg.googleusercontent.com
5    2606:4700:e2::ac40:8209 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
3    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
2    146.59.152.98 (France)

ASN16276 (OVH, FR)
PTR: ns3183043.ip-146-59-152.eu
8jw0.com
1    54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net
s4.histats.com
Apex Domain
Subdomains		 Transfer
10 googleusercontent.com
ytimg.googleusercontent.com — Cisco Umbrella Rank: 46419
108 KB
10 wp.com
i0.wp.com — Cisco Umbrella Rank: 3823
2 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1492
ka-f.fontawesome.com — Cisco Umbrella Rank: 2891
176 KB
3 gstatic.com
fonts.gstatic.com
33 KB
3 frantic.im
stitu.dc12.frantic.im
12 KB
2 8jw0.com
8jw0.com
3 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 14333
s4.histats.com — Cisco Umbrella Rank: 14235
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
34 KB
1 mediapalmtree.com
mediapalmtree.com
17 KB
29 9
Domain Requested by
10 ytimg.googleusercontent.com stitu.dc12.frantic.im
10 i0.wp.com 10 redirects
5 ka-f.fontawesome.com kit.fontawesome.com
stitu.dc12.frantic.im
3 fonts.gstatic.com fonts.googleapis.com
3 stitu.dc12.frantic.im stitu.dc12.frantic.im
2 8jw0.com mediapalmtree.com
1 s4.histats.com s10.histats.com
1 s10.histats.com stitu.dc12.frantic.im
1 mediapalmtree.com stitu.dc12.frantic.im
1 ajax.googleapis.com stitu.dc12.frantic.im
1 kit.fontawesome.com stitu.dc12.frantic.im
1 fonts.googleapis.com stitu.dc12.frantic.im
29 12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com
8jhbawdii.monster
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
histats.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Frame ID: FC87E5DAA8780B3A87F67CBE8D348EE0
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Mp3 Www Nupay Login Co Za or Listen Free [5.84 MB] ~ MP3 Music Download

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

41 %
HTTPS

67 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

390 kB
Transfer

636 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg
Request Chain 6
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg
Request Chain 7
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg
Request Chain 8
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg
Request Chain 9
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg
Request Chain 10
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg
Request Chain 11
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg
Request Chain 12
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg
Request Chain 13
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg
Request Chain 14
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg?resize=60,60 HTTP 302
  • https://ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pages
stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/ 		68 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
HTTP/1.1
Server
139.59.138.103 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
4a92178831e5d0a95a4d37776f2c99984f36a1ae5ca30bb8a67426e87184638b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Nov 2023 21:34:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx-rc
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/ 		7 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B500%3B700&display=swap
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf23c4d1ab37476578ad8f9caaed779f696d40bc3bc478b5470876ba270e4cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 21:34:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Thu, 09 Nov 2023 21:34:41 GMT
style.css
stitu.dc12.frantic.im/themes/musicy/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://stitu.dc12.frantic.im/themes/musicy/assets/css/style.css
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
HTTP/1.1
Server
139.59.138.103 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
55aff36024ed60e0bf4a31d2c2dd19ba3eb0e0d9d7538f234521c33109e43a58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Nov 2021 09:05:55 GMT
Server
nginx-rc
ETag
W/"2b52-5cfca99d882c0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
X-XSS-Protection
1; mode=block
396fca9eef.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/396fca9eef.js
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b630207d82b234cda62f0694210e315a36f551b21dd7d4fc2e079c8cf2b9bd

Request headers

Referer
http://stitu.dc12.frantic.im/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
82392e66d8914d8f-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5XrOxTtyhRkZvMpFdmB
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 03 Nov 2023 01:48:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 01:48:47 GMT
pu-script.js
mediapalmtree.com/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mediapalmtree.com/pu-script.js?t=1684417658
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32135fa3838de1b7c63899022965391f2f421cdca0688091ab4f7ff7e3c4e1e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:41 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Tue, 31 Oct 2023 13:11:58 GMT
Server
cloudflare
ETag
W/"6540fd1e-c553"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZTYFeKh0Pu4sis8eMP%2FQ%2FIl615ont7tgb86kHbVyy%2FGzt1sRp1yBgdMbEcXCYsoBUKQ70M1qKv50aEP41%2BXvh7e%2FnWKVwtd50QHmqkWKJeIKvxHpN0rDDKq9ZjjgW5ycCiWlHuB3Lpc%2BwRdcvzk3g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
CF-RAY
82392e66cdd01c8b-FRA
hqdefault.jpg
ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21e2412c8d6d61adb0ca017a7bd650d536098e197b5ee4868a7bffda3aecf24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10975
x-xss-protection
0
server
sffe
etag
"1617183883"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 4
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/LtvgKtCbSQ4/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/1l_KfG-jAPM/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
818771374404570e98d90531c3670621d29cf876646271831529ba8b1cb6eccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18905
x-xss-protection
0
server
sffe
etag
"1506065900"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 4
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/1l_KfG-jAPM/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/J5WOLZHi_RE/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4d2af9f7826e9e98a039d34dafe75e69c53622b92efc5a2f05cf8e6a3593a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9307
x-xss-protection
0
server
sffe
etag
"1636440404"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 4
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/J5WOLZHi_RE/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/GI6nNM0If4k/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bfe46d10912b233d76077235e2bace8bc93100a478df65ee65ee4485cee8f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13953
x-xss-protection
0
server
sffe
etag
"1594293342"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 3
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/GI6nNM0If4k/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/Ct06lYEXz-4/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba24386e4e34d59186ed6007ef930b656c2a2b698894d7c0a1efa63df348fc52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14916
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 3
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/Ct06lYEXz-4/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/u_KBvgsTUiM/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08df3e46b522d4b11674caebbeff764bdd659ff27d2c6509c83acef4d9ea17a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5482
x-xss-protection
0
server
sffe
etag
"1589898500"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 1
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/u_KBvgsTUiM/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/Cd1a8i03dF4/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e51c532d629e0c4927277d0d5751a4cd9f937fe98e106c5aa8201e113c653f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9093
x-xss-protection
0
server
sffe
etag
"1517478201"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 4
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/Cd1a8i03dF4/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a7265a8681e44e96606d37b57f0267e8dd99b364a594769c02f0fb207c23354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
sffe
etag
"1596721545"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 1
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/jbUWMMr-mZ0/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/f0rfmlfHWS8/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c66863077b8cb73ca889e64cde9f3b0dabe0652b371b39a3ce9d028f5020b34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7127
x-xss-protection
0
server
sffe
etag
"1504708642"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 3
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/f0rfmlfHWS8/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
hqdefault.jpg
ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/
Redirect Chain
  • https://i0.wp.com/ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg?resize=60,60
  • https://ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0df68cbb5e749bc19e99a9e3eb91382be243871ecbe8357aa35ddb50fdf953a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:22 GMT
x-content-type-options
nosniff
age
19
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11815
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Nov 2023 23:34:22 GMT

Redirect headers

x-nc
HIT hhn 1
date
Thu, 09 Nov 2023 21:34:41 GMT
server
nginx
access-control-allow-methods
GET, HEAD
content-type
text/html
location
https://ytimg.googleusercontent.com/vi/mnEDgWf0Hu8/hqdefault.jpg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
138
scripts.js
stitu.dc12.frantic.im/themes/musicy/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://stitu.dc12.frantic.im/themes/musicy/assets/js/scripts.js
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
HTTP/1.1
Server
139.59.138.103 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
ba663bd9da0b8b3b4cddbd54b70c31e11dc67b85e08f22e3acb25c6324e72f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 May 2020 10:52:38 GMT
Server
nginx-rc
ETag
W/"aa6-5a50cadd28980"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
X-XSS-Protection
1; mode=block
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=396fca9eef
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/396fca9eef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
44808
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5qvc0N8MTD6GrllR2dsm80x7v%2FlQgHlSzM2rOEAHXlmgt2q%2FxjCGJIUBEmeQA8nbusUMe1ssewt3lXZTQtHmjKCvKomkQFXFheWM%2B0YzUYk%2Fl%2BrLBqcP1CtuRKdybYhpPpQS263v8rINwjU9%2BrA4hPJPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82392e67cc8c4d55-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
lKJyY5yP0LWZScAArq8CGVkf_U6Sa-MNSkGAe-Yv1T84DMQm22pAFw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=396fca9eef
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/396fca9eef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
44808
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTIfPil%2F%2BVZVi3VEq4MXg8S9sBVzN3IZ55dCaeHWvGdVfnx22tNI8jZtBxutWKXLfzurpfwH8W9EV6nhph5Cwhh4%2FALYN2fYgJv%2F%2FlxoaaNXE8SeP%2BEryOcrwwC0t%2Fu0y70G8rgCHOo3o0Hk3pb6fCsN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82392e67cc904d55-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Y_4NQig6VcWuPBJdTopoFdkfA0orQXFYFXzZUg4rhgI1xGQuBRnnlw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=396fca9eef
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/396fca9eef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
46359
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu7ERZiGXaGnck7zIZmcF%2Fo5djPPD6L%2FGXsUAxhG0vrqC54HhQK1fPDIIE51g7J5s6%2Fs%2FJyzot95f3qA%2FXOYuRstVfo35n8Rq8sdJgnxWeYIEr5FOBWhRQ5oyN%2B0y8L63djTStkM4VaVYargGIL5o%2B8uDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
82392e67cc8e4d55-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
JhcZ5Qs3ZlYwPMnB_rcY8n6890Mn2WPlHrFmV5cWTlgghUbVmM-Upg==
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B500%3B700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 03 Nov 2023 18:05:04 GMT
x-content-type-options
nosniff
age
530977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 18:05:04 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B500%3B700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 08 Nov 2023 21:04:21 GMT
x-content-type-options
nosniff
age
88220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 21:04:21 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
HTTP/1.1
Server
2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
Server
cloudflare
Age
21495
ETag
"-375139978"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=28800
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
82392e67eef2198f-FRA
Content-Length
4547
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Awght%40400%3B500%3B700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 07:04:19 GMT
x-content-type-options
nosniff
age
52222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 07:04:19 GMT
/
8jw0.com/rtb/r/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://8jw0.com/rtb/r/?token=57e9e32ed34c9fa5fc606a0601f0bb237a26a971&q=Download%20Mp3%20Www%20Nupay%20Login%20Co%20Za%20or%20Listen%20Free%20%5B5.84%20MB%5D%20~%20MP3%20Music%20Download&cb=cb57e9e32ed34c9fa5fc606a0601f0bb237a26a971&ref=http%3A%2F%2Fstitu.dc12.frantic.im%2Fw%2Ffr%2F161%2Fwww-nupay-login-co-za%2Fpages&fp=&_uniq=7808602660977411&version=20210311132811&instance=main_EZcsShq4JgrMi9LkjQDehKYgKFe
Requested by
Host: mediapalmtree.com
URL: http://mediapalmtree.com/pu-script.js?t=1684417658
Protocol
HTTP/1.1
Server
146.59.152.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3183043.ip-146-59-152.eu
Software
nginx/1.18.0 /
Resource Hash
34698671ef5106fd921592d02a1863d4927599dec91d86483db7ab5cf0ac4acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:42 GMT
Server
nginx/1.18.0
Connection
keep-alive
Accept-Ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Content-Length
1404
Content-Type
application/javascript; charset=utf-8
/
8jw0.com/rtb/r/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://8jw0.com/rtb/r/?token=57e9e32ed34c9fa5fc606a0601f0bb237a26a971&q=Download%20Mp3%20Www%20Nupay%20Login%20Co%20Za%20or%20Listen%20Free%20%5B5.84%20MB%5D%20~%20MP3%20Music%20Download&cb=cb57e9e32ed34c9fa5fc606a0601f0bb237a26a971&ref=http%3A%2F%2Fstitu.dc12.frantic.im%2Fw%2Ffr%2F161%2Fwww-nupay-login-co-za%2Fpages&fp=&_uniq=48229798748204944&version=20210311132811&instance=main_EZcsShq4JgrMi9LkjQDehKYgKFe
Requested by
Host: mediapalmtree.com
URL: http://mediapalmtree.com/pu-script.js?t=1684417658
Protocol
HTTP/1.1
Server
146.59.152.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3183043.ip-146-59-152.eu
Software
nginx/1.18.0 /
Resource Hash
e9f72d07933909e9ac69033f9fac7cfb9dbc716a63e3270915e5db0d2747339d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:42 GMT
Server
nginx/1.18.0
Connection
keep-alive
Accept-Ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
Content-Length
1404
Content-Type
application/javascript; charset=utf-8
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
http://stitu.dc12.frantic.im/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
55354
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEKnTelSC2YBaFKr69oWccxIZOfOYA%2F9pcZSLJZVf2OqsM2XTxfVhoRYTrDiHaOEZvk2%2FBUqukTZOhF4oSY5bLOks%2F0BOqBJ52Xkx3oLHpe7ZvClQDP2DPI3g6fPh5P%2Bj8Xe4nTa7eLgk06cUeVuiQgVyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
82392e681cd04d55-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
YxrUc3L9IqPCni7ff5IgBwEMq1cOJXuXSOCK4AcasbDojr8IPTURrg==
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: stitu.dc12.frantic.im
URL: http://stitu.dc12.frantic.im/w/fr/161/www-nupay-login-co-za/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
http://stitu.dc12.frantic.im/
Origin
http://stitu.dc12.frantic.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 Nov 2023 21:34:41 GMT
via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
55342
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4krM3WQy%2BeKP7ayNyhweAZmpT10LhjRu4BqkBB6%2Fs8%2FXYVjKjZS0csflODZcZyrCRe8EMpaOGn1fV%2FxPgCpgeZdGfkqNvXnvqfgPCAeC9E8OOMdkt%2FAYx7d8%2Fn6ySDlDEpoQBTOJlYfoUJcAFYvA82uO3g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
82392e681cd14d55-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
f_nu5-fiNCbS0LvW6ojKTQnh9CfAat-mxCDiLlOJKU0vEVObVk7JRA==
0.php
s4.histats.com/stats/ 		50 B
184 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4312664&@f16&@g1&@h1&@i1&@j1699565681944&@k0&@l1&@mDownload%20Mp3%20Www%20Nupay%20Login%20Co%20Za%20or%20Listen%20Free%20%5B5.84%20MB%5D%20~%20MP3%20Music%20Download&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:139889002&@b3:1699565682&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2Fstitu.dc12.frantic.im%2Fw%2Ffr%2F161%2Fwww-nupay-login-co-za%2Fpages&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns561935.ip-54-39-128.net
Software
/
Resource Hash
3a9451c0425859c969531923a3f9a4cbe6ff7629d0591a71af60a7ede4b9bf20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://stitu.dc12.frantic.im/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 09 Nov 2023 21:34:33 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FontAwesomeKitConfig function| $ function| jQuery object| __bdExecutedScripts object| _Hasync function| scrolling function| lazy_images function| element_in_viewport object| jQuery111001232207394283702 string| __bd_query string| __bd_keyword function| cb57e9e32ed34c9fa5fc606a0601f0bb237a26a971 function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

9 Cookies

Domain/Path Name / Value
stitu.dc12.frantic.im/ Name: PHPSESSID
Value: k1i93ae7b4haapaqeequ6559lm
stitu.dc12.frantic.im/ Name: HstCfa4312664
Value: 1699565681944
stitu.dc12.frantic.im/ Name: HstCla4312664
Value: 1699565681944
stitu.dc12.frantic.im/ Name: HstCmu4312664
Value: 1699565681944
stitu.dc12.frantic.im/ Name: HstPn4312664
Value: 1
stitu.dc12.frantic.im/ Name: HstPt4312664
Value: 1
stitu.dc12.frantic.im/ Name: HstCnv4312664
Value: 1
stitu.dc12.frantic.im/ Name: HstCns4312664
Value: 1
.frantic.im/ Name: puFp-20210311132811
Value: 5a9e3176fa2ce7637ed438e2da9d7cd7bb815e1d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8jw0.com
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
i0.wp.com
ka-f.fontawesome.com
kit.fontawesome.com
mediapalmtree.com
s10.histats.com
s4.histats.com
stitu.dc12.frantic.im
ytimg.googleusercontent.com
139.59.138.103
146.59.152.98
192.0.77.2
2606:4700:10::6814:81f
2606:4700:4400::6812:2844
2606:4700:e2::ac40:8209
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2001
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2003
2a06:98c1:3120::3
54.39.128.117
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1a7265a8681e44e96606d37b57f0267e8dd99b364a594769c02f0fb207c23354
21e2412c8d6d61adb0ca017a7bd650d536098e197b5ee4868a7bffda3aecf24c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
32135fa3838de1b7c63899022965391f2f421cdca0688091ab4f7ff7e3c4e1e8
34698671ef5106fd921592d02a1863d4927599dec91d86483db7ab5cf0ac4acb
3a9451c0425859c969531923a3f9a4cbe6ff7629d0591a71af60a7ede4b9bf20
3bfe46d10912b233d76077235e2bace8bc93100a478df65ee65ee4485cee8f10
4a92178831e5d0a95a4d37776f2c99984f36a1ae5ca30bb8a67426e87184638b
55aff36024ed60e0bf4a31d2c2dd19ba3eb0e0d9d7538f234521c33109e43a58
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7c66863077b8cb73ca889e64cde9f3b0dabe0652b371b39a3ce9d028f5020b34
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
818771374404570e98d90531c3670621d29cf876646271831529ba8b1cb6eccb
8f4d2af9f7826e9e98a039d34dafe75e69c53622b92efc5a2f05cf8e6a3593a6
b0df68cbb5e749bc19e99a9e3eb91382be243871ecbe8357aa35ddb50fdf953a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
ba24386e4e34d59186ed6007ef930b656c2a2b698894d7c0a1efa63df348fc52
ba663bd9da0b8b3b4cddbd54b70c31e11dc67b85e08f22e3acb25c6324e72f16
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cf23c4d1ab37476578ad8f9caaed779f696d40bc3bc478b5470876ba270e4cfa
d5b630207d82b234cda62f0694210e315a36f551b21dd7d4fc2e079c8cf2b9bd
e51c532d629e0c4927277d0d5751a4cd9f937fe98e106c5aa8201e113c653f66
e9f72d07933909e9ac69033f9fac7cfb9dbc716a63e3270915e5db0d2747339d
f08df3e46b522d4b11674caebbeff764bdd659ff27d2c6509c83acef4d9ea17a
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda