Submitted URL: http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn
Effective URL: http://shktxcz.com/card.php
Submission: On October 15 via manual from RO

Summary

This website contacted 12 IPs in 4 countries across 13 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3036::681c:4e0, located in United States and belongs to CLOUDFLARENET, US. The main domain is shktxcz.com.
This is the only time shktxcz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
15 shktxcz.com goraps.vip
shktxcz.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com shktxcz.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.jsdelivr.net shktxcz.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.youtube.com shktxcz.com
1 cdnjs.cloudflare.com shktxcz.com
1 i.ytimg.com shktxcz.com
1 www.googletagmanager.com shktxcz.com
1 goraps.vip
38 14

This site contains no links.

Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-05 -
2021-04-17
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
edgestatic.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-12 -
2022-08-17
2 years crt.sh
*.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
*.google.de
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh

This page contains 8 frames:

Primary Page: http://shktxcz.com/card.php
Frame ID: 24AF3CE5042ADDDA5D62C1D9F6B3C025
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/%7Bvid%7D/?rel=0&showinfo=0
Frame ID: B4C546E6267ACFD54F28D38CFD36C943
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot1%7D&adk=4103810136&adf=3601866025&pi=t.ma~as.%7Bslot1%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431569&bpp=6&bdt=667&idt=73&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=120291995220&frm=20&pv=2&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=2603&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FOl68MbXEg&p=http%3A//shktxcz.com&dtd=93
Frame ID: 0BDDB6983EFA0810FA330E201BC356F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=250&slotname=%7Bslot2%7D&adk=4171819723&adf=1578542503&pi=t.ma~as.%7Bslot2%7D&w=300&lmt=1602794431&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431575&bpp=1&bdt=673&idt=96&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jaWXNIF0Jl&p=http%3A//shktxcz.com&dtd=101
Frame ID: 35998606848F3C98DF23DC00F9C9C0A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot3%7D&adk=3893789337&adf=3009760884&pi=t.ma~as.%7Bslot3%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431576&bpp=1&bdt=673&idt=103&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Iy6yko920q&p=http%3A//shktxcz.com&dtd=107
Frame ID: C3FEFEBB8BCA7AC2C4D047E7052A632D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot5%7D&adk=3102648319&adf=1098747289&pi=t.ma~as.%7Bslot5%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431577&bpp=1&bdt=675&idt=108&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=2187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VKLwjACCG0&p=http%3A//shktxcz.com&dtd=111
Frame ID: B8B67F4442F249A872DCD6897857EF2C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&adk=2020088507&adf=637443794&lmt=1602794432&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794432124&bpp=2&bdt=1222&idt=2&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280%2C1200x280&nras=1&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=9055219&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=7
Frame ID: BE3730AAA75D68C007784D92281509B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 5870B5D45A21D1ACF88457EF100D56B2
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn Page URL
  2. http://shktxcz.com/card.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

58 %
HTTPS

92 %
IPv6

13
Domains

14
Subdomains

12
IPs

4
Countries

274 kB
Transfer

665 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn Page URL
  2. http://shktxcz.com/card.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
fullpage.php
goraps.vip/
85 B
319 B
Document
General
Full URL
http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn
Protocol
HTTP/1.1
Server
34.101.121.237 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
237.121.101.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e228f5fb6608838d0fc61b797006b2587faaf2a6b4bc1fec0966e24dfdb553c

Request headers

Host
goraps.vip
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Thu, 15 Oct 2020 20:40:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
Primary Request Cookie set card.php
shktxcz.com/
28 KB
8 KB
Document
General
Full URL
http://shktxcz.com/card.php
Requested by
Host: goraps.vip
URL: http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7afd2201eca73736f66694ece438637b181cd3a76ed27211ad1aec1d02285870

Request headers

Host
shktxcz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://goraps.vip/fullpage.php?section=hide&pub=592353&ga=g&l=id&v=fX6478dRoAE&a=clickbn

Response headers

Date
Thu, 15 Oct 2020 20:40:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6a61cac659f0e6232fde0b6042abda681602794430; expires=Sat, 14-Nov-20 20:40:30 GMT; path=/; domain=.shktxcz.com; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
cf-request-id
05cf97377900002bdd7a967000000001
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794431"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
5e2c5b0589362bdd-FRA
Content-Encoding
gzip
bootstrap.css
shktxcz.com/%7Bdname%7Dcss/
0
0
Stylesheet
General
Full URL
http://shktxcz.com/%7Bdname%7Dcss/bootstrap.css
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:31 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794431"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b093b032bdd-FRA
cf-request-id
05cf9739c200002bdd7c3b8000000001
agency11.css
shktxcz.com/%7Bdname%7Dcss/
0
0
Stylesheet
General
Full URL
http://shktxcz.com/%7Bdname%7Dcss/agency11.css?v23
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:31 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794431"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0939f32c4a-FRA
cf-request-id
05cf9739c900002c4a9d32a000000001
select2.min.css
shktxcz.com/%7Bdname%7Dcss/
0
0
Stylesheet
General
Full URL
http://shktxcz.com/%7Bdname%7Dcss/select2.min.css
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:31 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794431"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b093b621f55-FRA
cf-request-id
05cf9739c700001f5538971000000001
font-awesome.min.css
shktxcz.com/%7Bdname%7Dcss/
0
0
Stylesheet
General
Full URL
http://shktxcz.com/%7Bdname%7Dcss/font-awesome.min.css
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:31 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794431"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b093bdd2c32-FRA
cf-request-id
05cf9739c800002c323cb3d000000001
jssocials.css
cdn.jsdelivr.net/jquery.jssocials/1.4.0/
1 KB
714 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.jssocials/1.4.0/jssocials.css
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b0883d8e254cd86fc46665e6c17048e92904284fba02bdb94536267bf264f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6759526
x-cache
HIT, HIT
status
200
content-length
384
etag
W/"51b-yj9O6q8jhNkh2l6UUvEAM75M8Tk"
x-served-by
cache-fra19173-FRA, cache-hhn4067-HHN
date
Thu, 15 Oct 2020 20:40:30 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jssocials-theme-flat.css
cdn.jsdelivr.net/jquery.jssocials/1.4.0/
4 KB
890 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/jquery.jssocials/1.4.0/jssocials-theme-flat.css
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f107e430b0d18d6345b495ae32fbc4bd52337624f6f0b33e155fe88b8dd5c9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
4896304
x-cache
HIT, HIT
status
200
cross-origin-resource-policy
cross-origin
content-length
752
etag
W/"ea1-ctp+1BVGLJNw5mnQ7wNve8GsY7o"
x-served-by
cache-fra19122-FRA, cache-hhn4067-HHN
date
Thu, 15 Oct 2020 20:40:30 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
131 KB
45 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45748
x-xss-protection
0
server
cafe
etag
3045074480856053689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 15 Oct 2020 20:40:31 GMT
js
www.googletagmanager.com/gtag/
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-174943768-5
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7a87377af9198254a131d1430e2ad74c90f576bda0e6311667a571c60eacb75a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37253
x-xss-protection
0
last-modified
Thu, 15 Oct 2020 19:20:53 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Oct 2020 20:40:31 GMT
logo.png
shktxcz.com/%7Bdname%7Dimg/
548 B
548 B
Image
General
Full URL
http://shktxcz.com/%7Bdname%7Dimg/logo.png?v1
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0cea37dfbf-FRA
cf-request-id
05cf973c130000dfbf3b874000000001
mqdefault.jpg
i.ytimg.com/vi/mZQEcYEEs-U/
19 KB
19 KB
Image
General
Full URL
https://i.ytimg.com/vi/mZQEcYEEs-U/mqdefault.jpg
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6cee41fb9ce4ec1d47964380d0d272f01a70d80c9ae15df705a49f5521dd185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 19:40:46 GMT
x-content-type-options
nosniff
server
sffe
age
3585
etag
"1587094018"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18985
x-xss-protection
0
expires
Thu, 15 Oct 2020 21:40:46 GMT
subscription.jpg
shktxcz.com/img/
11 KB
12 KB
Image
General
Full URL
http://shktxcz.com/img/subscription.jpg
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2673eb302b2e74c7539b74cf923bcd8b4ec3cf761d615a1cb57a12389b7089d1

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:31 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
168916
Connection
keep-alive
Content-Length
11469
cf-request-id
05cf973c140000d705d5131000000001
Last-Modified
Sat, 12 Sep 2020 12:31:14 GMT
Server
cloudflare
ETag
"5f5cbf92-2ccd"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
5e2c5b0ced40d705-FRA
Expires
Thu, 12 Nov 2020 21:45:15 GMT
footer-logo.png
shktxcz.com/%7Bdname%7Dimg/
548 B
548 B
Image
General
Full URL
http://shktxcz.com/%7Bdname%7Dimg/footer-logo.png?v1
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0d1d87d705-FRA
cf-request-id
05cf973c2b0000d7057b09e000000001
jquery.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/jquery.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0cdad22c4a-FRA
cf-request-id
05cf973c0500002c4adc95c000000001
bootstrap.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/bootstrap.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0cdd3d2c32-FRA
cf-request-id
05cf973c0b00002c324229b000000001
select2.min.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/select2.min.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0cea991f55-FRA
cf-request-id
05cf973c1200001f55260e1000000001
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
82697
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1507
cf-request-id
05cf973c210000dff33f822000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
etag
"5eb03ec1-15b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e2c5b0d0b69dff3-FRA
expires
Tue, 05 Oct 2021 20:40:31 GMT
agency.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/agency.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b0cec7e2bdd-FRA
cf-request-id
05cf973c0e00002bdd6e8fd000000001
/
www.youtube.com/embed/%7Bvid%7D/ Frame B4C5
0
0
Document
General
Full URL
https://www.youtube.com/embed/%7Bvid%7D/?rel=0&showinfo=0
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/%7Bvid%7D/?rel=0&showinfo=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
200
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-length
8381
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security
max-age=31536000
cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 15 Oct 2020 20:40:31 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=6hxE7Iek5H4; path=/; domain=.youtube.com; secure; expires=Tue, 13-Apr-2021 20:40:31 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=6hxE7Iek5H4; path=/; domain=.youtube.com; secure; expires=Tue, 13-Apr-2021 20:40:31 GMT; httponly; samesite=None YSC=g6BW0I4Rw9E; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 15-Oct-2020 21:10:31 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/
230 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88670
x-xss-protection
0
server
cafe
etag
13373283986949850894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Oct 2020 20:40:31 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174943768-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3066
date
Thu, 15 Oct 2020 19:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 15 Oct 2020 21:49:25 GMT
collect
www.google-analytics.com/j/
1 B
64 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1987094071&t=pageview&_s=1&dl=http%3A%2F%2Fshktxcz.com%2Fcard.php&dr=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&ul=en-us&de=UTF-8&dt=%7Btitle%7D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=904923214&gjid=149488023&cid=119267535.1602794432&tid=UA-174943768-5&_gid=1788909597.1602794432&_r=1&gtm=2ou9u1&z=318503156
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 20:40:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://shktxcz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=shktxcz.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
890 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shktxcz.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BDD
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot1%7D&adk=4103810136&adf=3601866025&pi=t.ma~as.%7Bslot1%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431569&bpp=6&bdt=667&idt=73&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=120291995220&frm=20&pv=2&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=2603&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FOl68MbXEg&p=http%3A//shktxcz.com&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot1%7D&adk=4103810136&adf=3601866025&pi=t.ma~as.%7Bslot1%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431569&bpp=6&bdt=667&idt=73&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=120291995220&frm=20&pv=2&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=2603&dssz=13&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=FOl68MbXEg&p=http%3A//shktxcz.com&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Oct 2020 20:40:31 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 15-Oct-2020 20:55:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Thu, 15 Oct 2020 20:40:31 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3599
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=250&slotname=%7Bslot2%7D&adk=4171819723&adf=1578542503&pi=t.ma~as.%7Bslot2%7D&w=300&lmt=1602794431&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431575&bpp=1&bdt=673&idt=96&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jaWXNIF0Jl&p=http%3A//shktxcz.com&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-%7Bclient%7D&output=html&h=250&slotname=%7Bslot2%7D&adk=4171819723&adf=1578542503&pi=t.ma~as.%7Bslot2%7D&w=300&lmt=1602794431&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431575&bpp=1&bdt=673&idt=96&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jaWXNIF0Jl&p=http%3A//shktxcz.com&dtd=101
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Oct 2020 20:40:31 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 15-Oct-2020 20:55:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame C3FE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot3%7D&adk=3893789337&adf=3009760884&pi=t.ma~as.%7Bslot3%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431576&bpp=1&bdt=673&idt=103&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Iy6yko920q&p=http%3A//shktxcz.com&dtd=107
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot3%7D&adk=3893789337&adf=3009760884&pi=t.ma~as.%7Bslot3%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431576&bpp=1&bdt=673&idt=103&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=1668&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Iy6yko920q&p=http%3A//shktxcz.com&dtd=107
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Oct 2020 20:40:31 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 15-Oct-2020 20:55:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame B8B6
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot5%7D&adk=3102648319&adf=1098747289&pi=t.ma~as.%7Bslot5%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431577&bpp=1&bdt=675&idt=108&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=2187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VKLwjACCG0&p=http%3A//shktxcz.com&dtd=111
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-%7Bclient%7D&output=html&h=280&slotname=%7Bslot5%7D&adk=3102648319&adf=1098747289&pi=t.ma~as.%7Bslot5%7D&w=1200&fwrn=4&fwrnh=100&lmt=1602794431&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794431577&bpp=1&bdt=675&idt=108&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=35371&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=2187&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VKLwjACCG0&p=http%3A//shktxcz.com&dtd=111
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Oct 2020 20:40:31 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 15-Oct-2020 20:55:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
bootstrap.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/bootstrap.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
0
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b107dcf2bdd-FRA
cf-request-id
05cf973e4600002bddb6815000000001
select2.min.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/select2.min.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
0
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b108e262bdd-FRA
cf-request-id
05cf973e5500002bdda699b000000001
agency.js
shktxcz.com/%7Bdname%7Djs/
0
0
Script
General
Full URL
http://shktxcz.com/%7Bdname%7Djs/agency.js
Requested by
Host: shktxcz.com
URL: http://shktxcz.com/card.php
Protocol
HTTP/1.1
Server
2606:4700:3036::681c:4e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 20:40:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
0
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602794432"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5e2c5b10ae7b2bdd-FRA
cf-request-id
05cf973e6800002bdd9bb5e000000001
ads
googleads.g.doubleclick.net/pagead/ Frame BE37
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-%7Bclient%7D&output=html&adk=2020088507&adf=637443794&lmt=1602794432&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794432124&bpp=2&bdt=1222&idt=2&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280%2C1200x280&nras=1&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=9055219&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-%7Bclient%7D&output=html&adk=2020088507&adf=637443794&lmt=1602794432&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fshktxcz.com%2Fcard.php&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602794432124&bpp=2&bdt=1222&idt=2&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C300x250%2C1200x280%2C1200x280&nras=1&correlator=120291995220&frm=20&pv=1&ga_vid=119267535.1602794432&ga_sid=1602794432&ga_hid=1987094071&ga_fc=0&iag=0&icsg=9055219&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066432%2C21067555&oid=3&pvsid=2907272727256329&pem=686&ref=http%3A%2F%2Fgoraps.vip%2Ffullpage.php%3Fsection%3Dhide%26pub%3D592353%26ga%3Dg%26l%3Did%26v%3DfX6478dRoAE%26a%3Dclickbn&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnyyWJL14EX5Jy1EM4h2LA3g5SZHR5QJdYXtQXul4jfvp7Kuw8s_opOb5iY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 15 Oct 2020 20:40:32 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
810c7eddc945bef4622107b84ec35da9e056725b6bb388479b8f77ef8c2179e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 20:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6374
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 20:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Thu, 15 Oct 2020 20:40:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 5870
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://shktxcz.com/card.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://shktxcz.com/card.php

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Thu, 15 Oct 2020 18:59:57 GMT
expires
Fri, 15 Oct 2021 18:59:57 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6035
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
49 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=2907272727256329&bg=!ICOlIwPNAAUZK2QAGViCeWnrO31RkwIAAABCUgAAAAsKAR_QB7WIP7DPEGEr5Z890PTGqJYo8hKI1-kMe7AUkCMXffrPrAAlfPXM4-QYNbHaa_2nVDbsblZPrduVtJwR4wEpH4fCBHxeuZrs57Bp3Gv4HMhY2uI5snLGdzqcZEWs-tYgc6msVCbDTRI7qnqY4sdC-KqJABTIFCWrwe6QyMzAnWKnvToh8xELgjR3kDGU_u-qfpqfk08P4N3Svhma0mHu-Q95DrYL7Rh81lFjTfNcGOLF2weXk9ReXBVoyRRX3zu_31yANWVB2--t4o-q9mgkA6lO9XGzJlqglde8K9tkYvun_L8Y0L8O0q2tvI2TEr_obyht3wVDJuoRD7blN16IQ2aRDOoNCMuDaCX5NvI0MkJqSI0ys6BbkKxuI2GTAZkBo7Ceaax2VYtuuTwJLXeX6snvP5uwZhbvjjVAsL-fDDjh_DpvWxAPiuOzKplnT0pGRqvB2F_I_ExbYkmbcypHkhbdibZ_kVYFYmExv1COQVChRXRYoTDxIG3VMEW6fXJMeXMtV5kSFFwivPjXtAZLfrPDJN33E_hZ0xfa0v6edLJg6NBIBR-OhGaP-NjX8zp_3PTdOkVbCHJKWOQaqdDUWds_kzs-k88g6tzLJ3Hl0oH7uywCzmrNrwwor8BGGnrhGsiYIEbKup0Sw1OuLMLrW7zfao1fZuglA05rot95r1Obr7iW1pdK4wazpsIJsy1BGzb7AoUkzRZf3Z7W6ndcgBEIqrEavwXQE5Q3pugCrDRuufF1MFkcfNR0fRDXi7Kjs84iFFv12Oop8eY72hZTTHpWcJxPFQ9TnniRWTt8QRnLwik5nHJvvDfJNK4W2DYAiKZBaijTEDSLBVO-T3donXUKPOiXom3UN5v1KHHQtevVfiCo4LWmh9dwWAUZnxWJQ0WTeZuCzKCgcPsvF_qq7Fx35ehpbWZfJd6ZKSbfBs3ndhXJ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://shktxcz.com/card.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 20:40:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| trustedTypes function| set_Cookie function| bonus_Cookie function| get_Cookie function| getQueryString function| gtag object| dataLayer object| adsbygoogle object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| addiv function| playVideo function| ad undefined| _box undefined| _interval function| gdb function| incrementValue1 function| incrementValue function| incrementValue_r function| tx function| btnshare function| sharebonus function| newuser function| watchbonus function| getRandom function| randomString function| showBonus function| closeBonus function| tips function| tipsoff function| numFormat function| record function| hh function| jp function| fh undefined| _hmt object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnyyWJL14EX5Jy1EM4h2LA3g5SZHR5QJdYXtQXul4jfvp7Kuw8s_opOb5iY
.youtube.com/ Name: YSC
Value: g6BW0I4Rw9E
shktxcz.com/ Name: shared
Value: 1
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 6hxE7Iek5H4
.shktxcz.com/ Name: __cfduid
Value: d6a61cac659f0e6232fde0b6042abda681602794430
.shktxcz.com/ Name: _gat_gtag_UA_174943768_5
Value: 1
.shktxcz.com/ Name: _gid
Value: GA1.2.1788909597.1602794432
.shktxcz.com/ Name: _ga
Value: GA1.2.119267535.1602794432

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cdnjs.cloudflare.com
googleads.g.doubleclick.net
goraps.vip
i.ytimg.com
pagead2.googlesyndication.com
shktxcz.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
2606:4700:3036::681c:4e0
2606:4700::6811:4e6b
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:821::2016
2a00:1450:4001:824::2008
2a04:4e42:1b::621
34.101.121.237
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
10c0a5f290ccaa46aff0fb7061c865a96b5879fcc3a0f112b4d292b62f59348b
2673eb302b2e74c7539b74cf923bcd8b4ec3cf761d615a1cb57a12389b7089d1
3e228f5fb6608838d0fc61b797006b2587faaf2a6b4bc1fec0966e24dfdb553c
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a87377af9198254a131d1430e2ad74c90f576bda0e6311667a571c60eacb75a
7afd2201eca73736f66694ece438637b181cd3a76ed27211ad1aec1d02285870
810c7eddc945bef4622107b84ec35da9e056725b6bb388479b8f77ef8c2179e6
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
8b0883d8e254cd86fc46665e6c17048e92904284fba02bdb94536267bf264f83
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f107e430b0d18d6345b495ae32fbc4bd52337624f6f0b33e155fe88b8dd5c9ba
f6cee41fb9ce4ec1d47964380d0d272f01a70d80c9ae15df705a49f5521dd185