tulisone.click Open in urlscan Pro
2606:4700:3037::6815:2ccb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tulisone.click/
Submission: On October 18 via api (October 18th 2024, 2:23:25 am UTC) from IN — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3037::6815:2ccb, located in United States and belongs to CLOUDFLARENET, US. The main domain is tulisone.click. The Cisco Umbrella rank of the primary domain is 748040.
TLS certificate: Issued by WE1 on August 28th 2024. Valid for: 3 months.

This is the only time tulisone.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700:303... 2606:4700:3037::6815:2ccb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	212.117.190.201 212.117.190.201	7979 (SERVERS-COM) (SERVERS-COM)
1	148.251.53.118 148.251.53.118	24940 (HETZNER-AS) (HETZNER-AS)
1 1	212.117.190.217 212.117.190.217	7979 (SERVERS-COM) (SERVERS-COM)
3	2606:4700:303... 2606:4700:3037::6815:233e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3033::6815:bf5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2003	() ()
49	12

14 2606:4700:3037::6815:2ccb (United States)

ASN13335 (CLOUDFLARENET, US)

tulisone.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 212.117.190.201 (Luxembourg, Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

t7cp4fldl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.53.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.118.53.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.117.190.217 (Luxembourg, Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

coosync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:233e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)

aistekso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:bf5 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

onmanectrictor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	t7cp4fldl.com 1 redirects t7cp4fldl.com — Cisco Umbrella Rank: 168971	118 KB
14	tulisone.click tulisone.click — Cisco Umbrella Rank: 748040	107 KB
7	aistekso.net aistekso.net — Cisco Umbrella Rank: 283229	40 KB
3	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 20683	109 KB
2	gstatic.com fonts.gstatic.com	36 KB
2	onmanectrictor.com onmanectrictor.com — Cisco Umbrella Rank: 30523	7 KB
2	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 19217	908 B
1	googleapis.com fonts.googleapis.com	1 KB
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 19882	9 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10912	542 B
1	coosync.com 1 redirects coosync.com — Cisco Umbrella Rank: 24276	498 B
1	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 31161
49	12

	Domain	Requested by
15	t7cp4fldl.com	1 redirects tulisone.click t7cp4fldl.com
14	tulisone.click	tulisone.click
7	aistekso.net	tulisone.click aistekso.net
3	cdn.bncloudfl.com	tulisone.click t7cp4fldl.com
2	fonts.gstatic.com	fonts.googleapis.com
2	onmanectrictor.com
2	fleraprt.com	tzegilo.com
1	fonts.googleapis.com	aistekso.net
1	tzegilo.com	aistekso.net
1	my.rtmark.net	aistekso.net
1	coosync.com	1 redirects
1	ad.a-ads.com	tulisone.click
49	12

This site contains no links.

Subject Issuer	Validity	Valid
tulisone.click WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh
Buypass Class 2 CA 5	`2024-09-20` - `2025-03-18`	6 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
cdn.bncloudfl.com WE1	`2024-08-24` - `2024-11-22`	3 months	crt.sh
aistekso.net R11	`2024-08-31` - `2024-11-29`	3 months	crt.sh
rtmark.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
tzegilo.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
onmanectrictor.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://tulisone.click/
Frame ID: 7FE1EF928609C868463335EDE58E8CA8
Requests: 29 HTTP requests in this frame

Frame: https://ad.a-ads.com/2188118?size=300x250
Frame ID: 9A0621D84691B015E0F4287592398173
Requests: 1 HTTP requests in this frame

Frame: https://t7cp4fldl.com/check.html
Frame ID: D4D513025D16421EB7E0DFC5E5895C4F
Requests: 1 HTTP requests in this frame

Frame: https://t7cp4fldl.com/check.html
Frame ID: C7519ACEEEE8B3653B43127326A43A41
Requests: 1 HTTP requests in this frame

Frame: https://t7cp4fldl.com/check.html
Frame ID: 0B626D6B3B78BD77198F26B9CB4E0111
Requests: 1 HTTP requests in this frame

Frame: https://t7cp4fldl.com/sn/ps/2020808?freq=0&im=1&puid=0&so=1&wcks=1
Frame ID: 9DA54DA21D1DA17105215141AD607958
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
Frame ID: 69A63C8A033C3B90B26BF2A7BCE27DCA
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/a85/8cd/6ff/a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
Frame ID: B2581992288FFFAFD43F25418708D5B6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/a85/8cd/6ff/a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
Frame ID: 68B29199CB642BABA87E26B12E90D325
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 4994E8F6D859D98A952F34A960314CCB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tulisone - Bukan sekedar Info Biasa

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Page Statistics

49
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

429 kB
Transfer

880 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://t7cp4fldl.com/sn/pr/2020808?zoneid=2020808&jp=_clmhfnzf9xpl8ydku2xuww&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=VERLLXsaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=4053975717820928&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0 HTTP 302
https://coosync.com/sn/c?zoneid=2020808&freq=0&srp=srYhYilOB0SYuI3f73UNcC_6DCszWoyHrEM-Bl6EzFU53HXQHjFg01w2BhT79rQjFdjWZCRNFC6e3fko0IkgPbtRtylTt3QgnEis7zscvTs=&im=1&wcks=1 HTTP 302
https://t7cp4fldl.com/sn/ps/2020808?freq=0&im=1&puid=0&so=1&wcks=1

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
tulisone.click/ 98 KB
30 KB 1047ms
1010ms Document
text/html 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9a5a92e2847c1da4d12e7697019c19e8ff7ce715f8bc2748da0d39f0ffb60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d4510c5e966d350-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 18 Oct 2024 02:23:18 GMT
link: <https://tulisone.click/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yGgF1tPslQb%2Bg3AbTFXcHWHvebGcanFOSR6NknAFLiRa%2B4crDgpbfHvKZPiwNzCP6xqQt2LWWHCAb5aHgpgIaxuZsv7qDalc7UaE%2BgnO3W%2BoGq6GHQN8Yx%2Fc%2BGy1pB9L60AzZuhx%2FnZxqNA7Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H3 200 idblog-core.css
tulisone.click/wp-content/plugins/idblog-core/css/ 7 KB
3 KB 504ms
504ms Stylesheet
text/css 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a83387259b3692c11920095e84a5eed0886d67203991f7d8115cfe0dd1723773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"66d7529c-1a7a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haP4g4XPQj96bMmSi80%2BV%2FD834kVbvn1kiTQ6Jc45X9AxeXF6%2BBJF4fvL9qgoAETJo2uCQE%2F4GfBSjbwEzlAT54Y%2FLMmgEKguvgcBLMCSt6IgG4q3SUv%2F0piqPpjo3iYmToCa08bxFaOfnJLUg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 14:23:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: text/css
last-modified: Tue, 03 Sep 2024 18:17:00 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc4893d350-FRA
server: cloudflare

GET
H3 200 style.css
tulisone.click/wp-content/themes/superfast/ 45 KB
12 KB 515ms
513ms Stylesheet
text/css 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/wp-content/themes/superfast/style.css?ver=2.1.3

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65e58efc-b290"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNhk%2FnwViao0RgTsb4uvuV%2FLut88TkYBx48vji%2BFJSXKymFtKDx%2FTmRrsb24F308fEwMZ2Agi9e7XBzKZCmxh%2FwrNJX%2FEcKWReNwi3iCjo9X7qnvn6ZuSVWSNwinfHRv67ql%2B0yHoaAw93Ou7A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 14:23:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 09:06:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc4896d350-FRA
server: cloudflare

GET
H3 200 Ini-Dia-Arti-Default-di-HP-Yang-Harus-Kamu-Pahami-200x135.webp
tulisone.click/wp-content/uploads/2024/09/ 9 KB
9 KB 486ms
484ms Image
image/webp 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/09/Ini-Dia-Arti-Default-di-HP-Yang-Harus-Kamu-Pahami-200x135.webp

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3d5ed481790a54c11ed1efb9171c75dbea46f0662600fc10654754787858025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

cf-cache-status: REVALIDATED
etag: "66d75ac6-2384"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGJ4gzCtLTUo2lDcXuJwi%2BGrFct48fRvX%2F3z%2FAjyWGYxVWJHhDIy4FIMtqPKSIh%2FT2yoxKIgknvWKNytCmmtMboYnyz8fcDLrEs%2BiQZMvUIsTmPMuCFhuomsmfc6xKWkg4EUJlC39mmMxelntg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/webp
last-modified: Tue, 03 Sep 2024 18:51:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc4897d350-FRA
accept-ranges: bytes
content-length: 9092
server: cloudflare

GET
H3 200 Perbedaan-Authentic-dan-Original-Panduan-Lengkap-untuk-Konsumen-Cerdas-200x135.webp
tulisone.click/wp-content/uploads/2024/09/ 10 KB
11 KB 486ms
485ms Image
image/webp 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/09/Perbedaan-Authentic-dan-Original-Panduan-Lengkap-untuk-Konsumen-Cerdas-200x135.webp

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c76cea8a9c1c2d1d188a1aa96f8441fb346318645dc037bd1dc1f1f215161f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

cf-cache-status: REVALIDATED
etag: "66d75795-2946"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F9owBUHVy5SnY11DZ2doucwVO9WpJzlIW0RH7KB8OADyW7kwowfyMbVu3WTjSHIpl3bNi9KOBNyembCHQTzrhaVY3IyIpvBKbB%2F9PCrEjoyazavkIXtJ9xynuzqhByG8rilk%2FsrTR7X44XPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/webp
last-modified: Tue, 03 Sep 2024 18:38:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc4898d350-FRA
accept-ranges: bytes
content-length: 10566
server: cloudflare

GET
H3 200 1000222187-200x135.jpg
tulisone.click/wp-content/uploads/2024/06/ 10 KB
11 KB 16ms
15ms Image
image/jpeg 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/06/1000222187-200x135.jpg

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8762176523e67bffbdb848407ebe023aa0880122117758e6cb4f7267b0cd03cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"666a07f7-293a"
age: 90964
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBptH8RPKMXoxLB%2FQsxY333gTZSkpRnZACogyYXb%2BGVntvgxucTJeN1PnE%2FRdLugWPeD6pUkV1YkSVYUKFlqTmkz%2BjSniToJVejssTSr1CPeEeE7Ef2WxB6LrDDdNmjaA3Su3%2FMwXnNdkr7M7g%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 16 Nov 2024 01:07:14 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/jpeg
last-modified: Wed, 12 Jun 2024 20:41:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc58b1d350-FRA
server: cloudflare

GET
H2 200 code.js Show response
t7cp4fldl.com/lv/esnk/2020808/ 147 KB
55 KB 64ms
26ms Script
application/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b181f4bfb6681cf6bfd3a459143a6813e2d07e7c3772c54ef41017500cf46b8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: W/"6710d0ac-24c12"
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2: current
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 17 Oct 2024 08:54:04 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 code.js Show response
t7cp4fldl.com/lv/esnk/2020809/ 147 KB
55 KB 81ms
43ms Script
application/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/lv/esnk/2020809/code.js
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: acd7de4a35d36b1ca87cb5a2228e4ea3fd39e91a4df344058055ad4b233fd423

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

timing-allow-origin: *
content-encoding: gzip
etag: W/"6710d0ac-24c12"
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
x-js-ab2: current
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 17 Oct 2024 08:54:04 GMT
server: nginx
vary: Accept-Encoding

GET 3a358466-c993-446e-971f-3a182f33842e
https://tulisone.click/ Frame 0
0

GET
H2 200 2188118
ad.a-ads.com/ Frame 9A06 0
0 49ms
16ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2188118?size=300x250

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.118.53.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tulisone.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://tulisone.click/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H3 200 customscript.js Show response
tulisone.click/wp-content/themes/superfast/js/ 14 KB
5 KB 500ms
500ms Script
application/javascript 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/wp-content/themes/superfast/js/customscript.js?ver=2.1.3

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"65e58efc-36ac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVI%2ByRBnvaFHIN4NdTbWgDaodoxxkbrLztnSZs94oCQtNYTcW9D41Z0Q7fjkBRmZ9L8M8Qvlqp4CQnvLztQgJLeLS6a8Xedd%2BHr0VgWhIXtmVR9sYcHM%2B6jy4jnByxXqcN%2Bi8oCjd6JBcCu4NA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 14:23:18 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 09:06:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cc68bbd350-FRA
server: cloudflare

GET
H2 200 check.html
t7cp4fldl.com/ Frame D4D5 0
0 40ms
13ms Document
text/html 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/check.html
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tulisone.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
etag: W/"66fa4ab0-394"
last-modified: Mon, 30 Sep 2024 06:52:32 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-js-ab: current

GET
H2 200 check.html
t7cp4fldl.com/ Frame C751 0
0 39ms
39ms Document
text/html 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/check.html
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tulisone.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
etag: W/"66fa4ab0-394"
last-modified: Mon, 30 Sep 2024 06:52:32 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-js-ab: current

GET
H2 200 check.html
t7cp4fldl.com/ Frame 0B62 0
0 19ms
19ms Document
text/html 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/check.html
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020809/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tulisone.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
etag: W/"66fa4ab0-394"
last-modified: Mon, 30 Sep 2024 06:52:32 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-js-ab: current

GET
H2 200 2020808 Show response
t7cp4fldl.com/get/ 4 KB
2 KB 17ms
16ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/get/2020808?zoneid=2020808&jp=_clmhfnzf9xpl8ydku2xuww&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=VERLLXsaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=4053975717820928&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c8bc8cba19cef9f0c31425e33a6cd0a10ba75a23b673ea94d835d4ac3509fe4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

timing-allow-origin: *
x-route-id: config
content-encoding: gzip
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 2020808 Show response
t7cp4fldl.com/get/ 4 KB
2 KB 18ms
18ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/get/2020808?zoneid=2020808&jp=_clyh05m1tlb3vdyy8agfhg&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=8jPsM5QaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=394801020587008&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 76263e672565bdd9a198590e46c046734c7a0a82d31ca600fe27f31899be0346

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

timing-allow-origin: *
x-route-id: config
content-encoding: gzip
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 2020809 Show response
t7cp4fldl.com/get/ 4 KB
2 KB 18ms
18ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/get/2020809?zoneid=2020809&jp=_clxufa4tc63h9b9wx5ccyb&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=XxMb0GiaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=7431675438352896&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&freq=0&uf=0
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020809/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 0e04cfbe84824669f8fce771acc0de5ff64f773c588d831e2782a4b4656a9667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

timing-allow-origin: *
x-route-id: config
content-encoding: gzip
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2

200

2020808
t7cp4fldl.com/sn/ps/ Frame 9DA5
Redirect Chain

https://t7cp4fldl.com/sn/pr/2020808?zoneid=2020808&jp=_clmhfnzf9xpl8ydku2xuww&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF...
https://coosync.com/sn/c?zoneid=2020808&freq=0&srp=srYhYilOB0SYuI3f73UNcC_6DCszWoyHrEM-Bl6EzFU53HXQHjFg01w2BhT79rQjFdjWZCRNFC6e3fko0IkgPbtRtylTt3QgnEis7zscvTs=&im=1&wcks=1
https://t7cp4fldl.com/sn/ps/2020808?freq=0&im=1&puid=0&so=1&wcks=1

0
0

17ms
16ms

Document
text/html

212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://t7cp4fldl.com/sn/ps/2020808?freq=0&im=1&puid=0&so=1&wcks=1
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://tulisone.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-route-id: cookie.user_id.pre_sync.final

Redirect headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length: 105
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 02:23:18 GMT
location: https://t7cp4fldl.com/sn/ps/2020808?freq=0&im=1&puid=0&so=1&wcks=1
server: nginx
timing-allow-origin: *
x-route-id: cookie.user_id.sync

GET
H3 200 eac8e8369f822993a74bcd42cff79241c50fd011.gif
cdn.bncloudfl.com/bn/eac/8e8/369/ Frame 69A6 42 KB
43 KB 48ms
18ms Image
image/webp 2606:4700:3037::6815:233e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj: imgq:100,h2pri
etag: 8288ed0e1e132023537dfdcdda356cd2
age: 104661
cf-cache-status: HIT
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
expires: Fri, 18 Oct 2024 21:18:57 GMT
x-proxy-cache: HIT
cf-polished: origFmt=gif, origSize=59549
x-trans-id: tx4d3e9c348ad64f868763b-0066cf3357
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/webp
x-openstack-request-id: tx4d3e9c348ad64f868763b-0066cf3357
vary: Accept
x-cdn-host-id: ds7288,ds5859
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
content-disposition: inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp"
cache-control: max-age=432000
last-modified: Fri, 22 Dec 2023 14:10:57 GMT
x-timestamp: 1703254256.26044
cf-ray: 8d4510ce1bec9a15-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43008
server: cloudflare

GET
H3 200 a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
cdn.bncloudfl.com/bn/a85/8cd/6ff/ Frame B258 66 KB
66 KB 59ms
38ms Image
image/webp 2606:4700:3037::6815:233e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/a85/8cd/6ff/a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b326790c090962d34a5d257dea0f73d4c033e517cd7dccd1e453715e661a01e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj: imgq:100,h2pri
etag: 06d021e28e360b552e552e5946dc892c
age: 100630
cf-cache-status: HIT
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
expires: Fri, 18 Oct 2024 22:26:08 GMT
x-proxy-cache: HIT
cf-polished: origFmt=gif, origSize=79652
x-trans-id: txb9f9ea8050b14717a11f8-0066cf31e7
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/webp
x-openstack-request-id: txb9f9ea8050b14717a11f8-0066cf31e7
vary: Accept
x-cdn-host-id: ds7288,ds5859
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
content-disposition: inline; filename="a858cd6ffbcda44a7be1181395e5da1ee05ae400.webp"
cache-control: max-age=432000
last-modified: Tue, 23 Jan 2024 12:38:23 GMT
x-timestamp: 1706013502.15521
cf-ray: 8d4510ce1bed9a15-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67198
server: cloudflare

GET
H3 200 a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
cdn.bncloudfl.com/bn/a85/8cd/6ff/ Frame 68B2 66 KB
0 59ms
59ms Image
image/webp 2606:4700:3037::6815:233e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/a85/8cd/6ff/a858cd6ffbcda44a7be1181395e5da1ee05ae400.gif
Requested by: Host: t7cp4fldl.com
URL: https://t7cp4fldl.com/lv/esnk/2020809/code.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:233e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b326790c090962d34a5d257dea0f73d4c033e517cd7dccd1e453715e661a01e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj: imgq:100,h2pri
etag: 06d021e28e360b552e552e5946dc892c
age: 100630
cf-cache-status: HIT
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
expires: Fri, 18 Oct 2024 22:26:08 GMT
x-proxy-cache: HIT
cf-polished: origFmt=gif, origSize=79652
x-trans-id: txb9f9ea8050b14717a11f8-0066cf31e7
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 02:23:18 GMT
content-type: image/webp
x-openstack-request-id: txb9f9ea8050b14717a11f8-0066cf31e7
vary: Accept
x-cdn-host-id: ds7288,ds5859
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
content-disposition: inline; filename="a858cd6ffbcda44a7be1181395e5da1ee05ae400.webp"
cache-control: max-age=432000
last-modified: Tue, 23 Jan 2024 12:38:23 GMT
x-timestamp: 1706013502.15521
cf-ray: 8d4510ce1bed9a15-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67198
server: cloudflare

GET
H2 200 chicken.gif
t7cp4fldl.com/ Frame 69A6 43 B
479 B 16ms
15ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7cp4fldl.com/chicken.gif?z=2020808&pb=1f888d3bad518b762f7b1275320a87981729225398&psp=mAiUEaACXI6smsUweuIWmdnKYqjqjq_JTtjbzGmpcnoFT70KUJsas7fRelQxUOKb7s4iQ1ZE1bdPpMkyD4NY8pZM5ySqrwNF0E_P2Q4z5Ax73HZFTqssbQRweGJuclvtO9lcP2p3H-vNtaBDxGk3eZEzOSft0yPdMybr4eEjZNEahwBc8hC1VVpUDVK6uMG7W5-1JElT0g00slLk85essGCkzrCMyi1k4JIIPNduM5Knx2ebH_ldc2X2PlcUdqvE1SuvmAri4mMcIHgfPIWhSDzvG0YzxLt891jmzUn54c2uvXTCzxsY5x_yejcpZ4NRD2RdAfgaT15XA2EBlG5_8fX8nIpaNGp7uqnlfaLcpdfjr26ofRMwel9W1IuB-F_MS0I-pPhHBTIid-mMs43XAi15iqiJRNeyWUyeMvpSgMpW_rGWkT0bH1Gqz0SfqXOMLjVQz-1aBa6JJOjphnaYX3P3Q2IJc6_HDy94ySxDp9KkflXylTKTyuPHeR9fLF1KiyH0RIBrkabOYBPwuFw-PmHXR31RE_qxcEBenyAPX0MUpY95U5ah8IP4mMk99kjLz3kEN_bsy7m3cJSEZnwgmuro8TDAxUBaZdT1Y9nQoto-4I5m2GI=&freq=0&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=VERLLXsaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=4053975717820928&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=74
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-route-id: stats.impression
content-length: 43
date: Fri, 18 Oct 2024 02:23:18 GMT
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type: image/gif
timing-allow-origin: *
server: nginx

GET
H2 200 chicken.gif
t7cp4fldl.com/ Frame B258 43 B
479 B 15ms
15ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7cp4fldl.com/chicken.gif?z=2020808&pb=1f888d3bad518b762f7b1275320a87981729225398&psp=34ubh_QH9kYDBVfnUMSPSc44Nr_UZIi2t_h29QhAwVQZWcUKaWm7sOMKSy95uxCXZxMnWGWRF4yCNbnBI9albsF64r-OF1YfnIdbSJqqQoNzfdsY0s2PKVR35r3YtV7I6Bl8daqIQEmMwhZWUzGOfVgFvD56zJt7XtC8KHEV2XjglPg9Z9nVM05gF7JkwFI9AeqzqFoCyGXsu_oXvBxeDgRHZRs5bsMLZ0Fm8GPa4wYcOJ9o9R78W7Yy69y3hoL51U-OW6luX1j68BGMr3KwzcAWK4clInqedv_iVG7PqOFxSxHWuzGYsoXwNrT1Ox1wU-EgdEnt3tuyqQ3vDJ-1krcH5fU7ZjjS06U1-pPMk3CetkPlzt0CKryxMNmpc7CzGvV_r2EgwcDQtwEswmHGDfLJBhlUX8NJ3OrsbTM9XzdR-F4ZX4mXLR3u9U2FQBn3vhf4B7MwOzgnMxxcRxWIMmcLxXl7cdY9qApbBDC15J57l6oH-Dx5CoCz1cbUDmdV5e0aYSGY2-bnxLljQjYdnDOzw4vXExElANGAPdfIXWVIr02wKowate7F8qF3-SC-X6ktLiEp4W_pWSEM1BSl7C4Cw5zJTKr6hi9lSsCId9UnN0b54rs=&freq=0&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=8jPsM5QaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=394801020587008&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=69
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-route-id: stats.impression
content-length: 43
date: Fri, 18 Oct 2024 02:23:18 GMT
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type: image/gif
timing-allow-origin: *
server: nginx

GET
H2 200 chicken.gif
t7cp4fldl.com/ Frame 68B2 43 B
479 B 16ms
16ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7cp4fldl.com/chicken.gif?z=2020809&pb=1f888d3bad518b762f7b1275320a87981729225398&psp=Av63pp5PjrqcN2ighzXV00sJgVADI6n_Df3Jk2MCzKb-GQKmen5NbEMQU_Vpx8OQ-k_B8jLu7tCpA6e-WnRQC9V6hzxX-DBtk9-fgHRIIHTJpdydlmwLrZ78WS8Xcr-dHnSEbfhjxY9xwIt70zh7Sxn4GxWWpWeUDYxYGFFE2o2eNg64JlBe52V2U1P7yke9oFUm8RbnzSLV0GgnEwg7G1wTgtjIyxf73xag4QdF3bUZmS9NgvMg1n0vNJnnWpqwyuxR-QHTRt85DP9lYl8qnXZoraNJ5LouCPMDCZR8i7mpqpXsiAriElBdgYj0K_0DLAwpoLgqrK0ZPFJidoN-dCZmXYqCV673kXkqclBq2AXSRV-3hPFbWncYmszcDxkvjQSIS5epM_92X0XING37eJUzs1irYlQ9IEUFF8YcZiCwqkoUR8hGnWgF6WnGHXUYKMsqYAcTGL5T7OnrA9Cbrsm2zFNwAm8v2P_E0A5N4x7QR_Wg441aZ4QCArMueUSZmzWDAaRCitz-Nw_T3Xk6pnMTeJXY9MnJDNJ9wVnVY7gZSYaSmD9jrdgNoiqmaEEeNHONQYgeVcBUN6ClD5F6MFTEdiiJbzQoD_6Rw3aLf-TZQZCs6zY=&freq=0&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=XxMb0GiaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=7431675438352896&dl=10&eclog=0&snc=0&ssc=0&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=71
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-route-id: stats.impression
content-length: 43
date: Fri, 18 Oct 2024 02:23:18 GMT
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type: image/gif
timing-allow-origin: *
server: nginx

HEAD
H3 200 / Show response
tulisone.click/ 0
497 B 351ms
351ms XHR
text/html 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

strict-transport-security: max-age=31536000
link: <https://tulisone.click/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GqlL2FLfCOA3SRFQaF%2FAbfIql8WOsebLy6%2BtNh18gKiUw3il1WfEzTXlrKYGjb1e6FDpgdWItApZCE6zrdPVi4UJOSRalapRN8KV22rKc4U7nUSiQJSPmCUQ2VhvfREb60PCnZ3wAEET%2BsX%2FrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4510cfac95d350-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Keunggulan-WhatsApp-Aero-Hazar-dalam-Dunia-MOD-WhatsApp-200x135.jpeg
tulisone.click/wp-content/uploads/2024/04/ 3 KB
4 KB 15ms
14ms Image
image/jpeg 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/04/Keunggulan-WhatsApp-Aero-Hazar-dalam-Dunia-MOD-WhatsApp-200x135.jpeg

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

163c271207084e2fc0d10c18dc4eaef5883a3f0947147d0755b8cf7ab0834d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"662bd4df-d95"
age: 291856
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg%2B6w2S2tLW2Ejpt%2FUVZO45lQDY%2FHRU3%2FNIaD0FbBPQ1wpp9TXBqmc40SKMSZFw5%2FHjhlVCODVBnIR83gjKnK0yHuj%2B5H%2B8r8XrHtCxuh5FXI67T3NDVD1GT7pszu8qqvIfHpYJT5Ywf%2FW5W%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 13 Nov 2024 17:19:03 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/jpeg
last-modified: Fri, 26 Apr 2024 16:22:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cfbca6d350-FRA
server: cloudflare

GET
H3 200 WA-Immune-Apk-min-200x135.webp
tulisone.click/wp-content/uploads/2024/04/ 2 KB
2 KB 501ms
500ms Image
image/webp 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/04/WA-Immune-Apk-min-200x135.webp

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fee68a5a352443c68740b81eeb7a21953baef90118718014edc5b878217dd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

cf-cache-status: REVALIDATED
etag: "66235745-7f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqXbOaHiwZvUTitTBg79VIOcIZwIH6QA%2FVD1YXEYukyj%2BT3dDHTzqbeJAU7Mx679aOWn14UR1Qyj638ZFKYvIfR3WlKUDPjZHJDWaHjaMfZilf7MQoJJNFf7h%2FdUYnWaQoKZcivT9Y9xt%2FIEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/webp
last-modified: Sat, 20 Apr 2024 05:48:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cfcca7d350-FRA
accept-ranges: bytes
content-length: 2040
server: cloudflare

GET
H3 200 Game-yang-Bisa-Menghasilkan-Uang-Nyata-Langsung-Cair-ke-Akun-Dana-Anda-200x135.jpeg
tulisone.click/wp-content/uploads/2024/03/ 6 KB
6 KB 15ms
14ms Image
image/jpeg 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/03/Game-yang-Bisa-Menghasilkan-Uang-Nyata-Langsung-Cair-ke-Akun-Dana-Anda-200x135.jpeg

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1111c23ead2824e0beb40e2c20be36d4aae2e213375e55c6987c61889c3ad5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"65ee0705-1804"
age: 273318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJQdxXvqtG0FJHub5XumEBM1dCGfCtXZI1J%2FlazlhlLSvN5tnoCW9ba6zW%2F7xOPGZQUYLGJYHNaFE3EaNw8zrlCUgX5EO0zH1LSLbKcBVk4ixieyoeUyZYGNT82SltNgLMI8B%2BnLJcQg8hW3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 13 Nov 2024 22:28:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/jpeg
last-modified: Sun, 10 Mar 2024 19:16:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cfcca8d350-FRA
server: cloudflare

GET
H3 200 office-594132_1280-200x135.jpg
tulisone.click/wp-content/uploads/2024/03/ 5 KB
6 KB 14ms
13ms Image
image/jpeg 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tulisone.click/wp-content/uploads/2024/03/office-594132_1280-200x135.jpg

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8a420ba91b326b2f7ccad60f3f84a7c297c8eea761a86e3614caa975df4d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"65e655ac-1581"
age: 273318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fY4HAlbJ%2BaK3M%2Fyb3fD64Ab2eK376Wk1Ps3Ojif6SrVibOkFHEcOPI6c6Wo4ZrIp%2B8aych1h6UV9aPydLLG87ZGOvYmPpTIMRErrI8431drtWuGrQtznJMPmk3jk1RFJGtgd95CQKYMTpLDdfA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 13 Nov 2024 22:28:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/jpeg
last-modified: Mon, 04 Mar 2024 23:13:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cfcca9d350-FRA
server: cloudflare

GET
H2 200 7680434 Show response
aistekso.net/400/ 91 KB
36 KB 69ms
28ms Script
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/400/7680434

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

79d352f43504e5c45ce3ae7de683c42020b83d2ce336f36d6c061e2d55cca398

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

access-control-expose-headers: Link
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/javascript
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: b31f14c0b068fb5c334d65f03e475ccb
access-control-allow-origin: *
server: nginx

GET
H3 200 wp-emoji-release.min.js Show response
tulisone.click/wp-includes/js/ 18 KB
6 KB 494ms
493ms Script
application/javascript 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2

Requested by

Host: tulisone.click
URL: https://tulisone.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"660c6c66-4926"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Acvh66s1OROrWDo04pcTk5ghSCJDMlyupMXlITqyQtTfl0E7nsvp0FVHZLPsM8cb30RtzxWFlnyi4q9LZ%2Bn%2FpNj6J4TW%2Bo%2F9hTe2lZr2h7veqA2bEMdLkasCaYeMt2ATFtcbsYG4696NZ8Clg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 14:23:19 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/javascript
last-modified: Tue, 02 Apr 2024 20:36:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510cfdcbad350-FRA
server: cloudflare

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 89ms
14ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: aistekso.net
URL: https://aistekso.net/400/7680434

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7058d5808762e3f2f31a66470ab1302d8483a47a8eec9d030b29470c11ea4f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

strict-transport-security: max-age=1
access-control-expose-headers: Authorization
timing-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://tulisone.click
content-length: 65
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token

GET
H2 200 7680434 Show response
aistekso.net/401/ 2 KB
1 KB 17ms
17ms XHR
application/json 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/401/7680434?oo=1&oaid=0800f9382a9b4eb4f8d1c10407abae22&sw_version=v1.417.0

Requested by

Host: aistekso.net
URL: https://aistekso.net/400/7680434

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e9f04cba7536c674dc8e7970dd83b739fda57c706d088af3f14902d85f3cffe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

access-control-expose-headers: Link
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/json
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 9aafa2a78b57d8315711f39f6e018e52
access-control-allow-origin: https://tulisone.click
server: nginx

GET
H3 200 stattag.js Show response
tzegilo.com/ 17 KB
9 KB 36ms
15ms Script
application/javascript 2606:4700:3033::6815:bf5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: aistekso.net
URL: https://aistekso.net/400/7680434
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:bf5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"668fb2be-45d7"
age: 6332
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aG4d5JYb5e3nJeQvvqAPai2u1NMWH%2FzlKWWcTp0bHhxeyEMxbc%2FxO4BRDIKTi%2BgmIGWclKeVx1wH%2BtAbauJG60%2Fh9JxrKUMSNvqMu9Yq40qoI%2Fb1Des%2FvbZqtMUyQue%2BANtReaHHuqxRpg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:58 GMT
vary: Accept-Encoding
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510d12a8adbf3-FRA
server: cloudflare

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
484 B 207ms
15ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7f97fc11-36b0-49a0-abd5-4e95e3cc349f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://tulisone.click/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://tulisone.click
Content-Length: 12
Date: Fri, 18 Oct 2024 02:23:19 GMT
Content-Type: application/json; charset=utf-8
Server: nginx/1.19.10
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H/1.1 200
OK add Show response
fleraprt.com/async_log/ 0
424 B 202ms
13ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=7f97fc11-36b0-49a0-abd5-4e95e3cc349f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://tulisone.click/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://tulisone.click
Content-Length: 0
Date: Fri, 18 Oct 2024 02:23:19 GMT
Server: nginx/1.19.10
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 200 7680434 Show response
aistekso.net/500/ 2 KB
2 KB 98ms
97ms XHR
application/javascript 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/500/7680434?excludes=&oaid=0800f9382a9b4eb4f8d1c10407abae22&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=670&wy=670&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ftulisone.click%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&jsp=1&is_mobile=false&js_build=8&branchId=2410201&sw_version=v1.417.0

Requested by

Host: aistekso.net
URL: https://aistekso.net/400/7680434

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

72ce0a77af39db9a7fef2aa74ec3fb6379fa29017f9c027b9e6d2477ebddaa23

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://tulisone.click/

Response headers

access-control-expose-headers: Link
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: application/javascript
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 713c715f07fc4d772c4971cc612e378f
access-control-allow-origin: https://tulisone.click
server: nginx

OPTIONS
H2 200 7680434
aistekso.net/500/ Frame 0
0 39ms
13ms Preflight 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://tulisone.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://tulisone.click
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 18 Oct 2024 02:23:19 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 whob.gif
t7cp4fldl.com/ Frame B258 43 B
650 B 16ms
15ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7cp4fldl.com/whob.gif?z=2020808&pb=1f888d3bad518b762f7b1275320a87981729225398&psp=34ubh_QH9kYDBVfnUMSPSc44Nr_UZIi2t_h29QhAwVQZWcUKaWm7sOMKSy95uxCXZxMnWGWRF4yCNbnBI9albsF64r-OF1YfnIdbSJqqQoNzfdsY0s2PKVR35r3YtV7I6Bl8daqIQEmMwhZWUzGOfVgFvD56zJt7XtC8KHEV2XjglPg9Z9nVM05gF7JkwFI9AeqzqFoCyGXsu_oXvBxeDgRHZRs5bsMLZ0Fm8GPa4wYcOJ9o9R78W7Yy69y3hoL51U-OW6luX1j68BGMr3KwzcAWK4clInqedv_iVG7PqOFxSxHWuzGYsoXwNrT1Ox1wU-EgdEnt3tuyqQ3vDJ-1krcH5fU7ZjjS06U1-pPMk3CetkPlzt0CKryxMNmpc7CzGvV_r2EgwcDQtwEswmHGDfLJBhlUX8NJ3OrsbTM9XzdR-F4ZX4mXLR3u9U2FQBn3vhf4B7MwOzgnMxxcRxWIMmcLxXl7cdY9qApbBDC15J57l6oH-Dx5CoCz1cbUDmdV5e0aYSGY2-bnxLljQjYdnDOzw4vXExElANGAPdfIXWVIr02wKowate7F8qF3-SC-X6ktLiEp4W_pWSEM1BSl7C4Cw5zJTKr6hi9lSsCId9UnN0b54rs=&freq=0&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=8jPsM5QaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=394801020587008&dl=10&eclog=0&snc=0&ssc=1&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=69
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-route-id: stats.banner.view
content-length: 43
date: Fri, 18 Oct 2024 02:23:19 GMT
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type: image/gif
timing-allow-origin: *
server: nginx

GET
H2 200 whob.gif
t7cp4fldl.com/ Frame 69A6 43 B
644 B 16ms
16ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t7cp4fldl.com/whob.gif?z=2020808&pb=1f888d3bad518b762f7b1275320a87981729225398&psp=mAiUEaACXI6smsUweuIWmdnKYqjqjq_JTtjbzGmpcnoFT70KUJsas7fRelQxUOKb7s4iQ1ZE1bdPpMkyD4NY8pZM5ySqrwNF0E_P2Q4z5Ax73HZFTqssbQRweGJuclvtO9lcP2p3H-vNtaBDxGk3eZEzOSft0yPdMybr4eEjZNEahwBc8hC1VVpUDVK6uMG7W5-1JElT0g00slLk85essGCkzrCMyi1k4JIIPNduM5Knx2ebH_ldc2X2PlcUdqvE1SuvmAri4mMcIHgfPIWhSDzvG0YzxLt891jmzUn54c2uvXTCzxsY5x_yejcpZ4NRD2RdAfgaT15XA2EBlG5_8fX8nIpaNGp7uqnlfaLcpdfjr26ofRMwel9W1IuB-F_MS0I-pPhHBTIid-mMs43XAi15iqiJRNeyWUyeMvpSgMpW_rGWkT0bH1Gqz0SfqXOMLjVQz-1aBa6JJOjphnaYX3P3Q2IJc6_HDy94ySxDp9KkflXylTKTyuPHeR9fLF1KiyH0RIBrkabOYBPwuFw-PmHXR31RE_qxcEBenyAPX0MUpY95U5ah8IP4mMk99kjLz3kEN_bsy7m3cJSEZnwgmuro8TDAxUBaZdT1Y9nQoto-4I5m2GI=&freq=0&nojs=0&abvar=0&febuild=1.0.364&t=0&wcks=1&wgl=1&cnvs=1&os=-120&tz=Europe/Berlin&ss=1&ls=1&bb=0&cti=0&fn=2&es=14&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=de-DE&pf=Linux%20x86_64&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&psu=VERLLXsaHR0cHM6Ly90dWxpc29uZS5jbGljay8&afid=4053975717820928&dl=10&eclog=0&snc=0&ssc=1&vp=0&im=1&cha=&chb=&chbr=&chf=&chm=false&chmd=&chp=&chv=&cs=5&pload=74
Requested by: Host: tulisone.click
URL: https://tulisone.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-route-id: stats.banner.view
content-length: 43
date: Fri, 18 Oct 2024 02:23:19 GMT
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-type: image/gif
timing-allow-origin: *
server: nginx

GET
H3 200 icon-60x60.png
tulisone.click/wp-content/uploads/2023/03/ 1 KB
2 KB 14ms
14ms Other
image/png 2606:4700:3037::6815:2ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tulisone.click/wp-content/uploads/2023/03/icon-60x60.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2ccb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2c93e2bac2686bf37bb25dd34a3933b2389f96a505d225ca97a694ed467ff1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"641605b1-5fc"
age: 287782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwrcar9%2BJOlmFRebltORHMBAUPwVuOIH8eDi3JSDv38XeMGG5R88JolvRPibv8P%2FMvnTs%2BH2K0U6l2JKd6N%2Bu60i%2BQYDjoFuGDaOxEdZku1Y5D5%2Bd3jPFII2SkAKKkh5r2r5YzOllsvwd2alyA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 13 Nov 2024 18:26:57 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/png
last-modified: Sat, 18 Mar 2023 18:40:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510d2fffcd350-FRA
server: cloudflare

OPTIONS
H2 200 /
aistekso.net/mtg/ Frame 0
0 12ms
12ms Preflight 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/mtg/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tulisone.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://tulisone.click
access-control-max-age: 600
allow: OPTIONS, POST
content-length: 0
date: Fri, 18 Oct 2024 02:23:19 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

POST
H2 200 /
aistekso.net/mtg/ 0
505 B 17ms
15ms Ping
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://aistekso.net/mtg/

Requested by

Host: aistekso.net
URL: https://aistekso.net/400/7680434

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/json
Referer: https://tulisone.click/

Response headers

strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
access-control-expose-headers: Link
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: 5421c93f27069432d40a1d1d941a3cc8
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin: https://tulisone.click
content-length: 0
date: Fri, 18 Oct 2024 02:23:19 GMT
vary: Origin
server: nginx

GET
H3 200 68de238c6f7b44b8eef4c9079fad30e1.png
onmanectrictor.com/www/images/ 6 KB
7 KB 510ms
252ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onmanectrictor.com/www/images/68de238c6f7b44b8eef4c9079fad30e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19cdbfafb58b56beb740010c03af86e1849aee641648bca8b63e4e58b3a06dbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

cf-cache-status: HIT
etag: "664de316-19b5"
age: 704
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piXB3uXPXh94aWwT8UkYOgYas%2FAlZ6%2FAlCaysKnM4n6Emw%2B%2BBUJ1XU%2BsJyK02VRIqwZJThv41PoEFJkkD1SgxaxqCDO%2F720pUy91971gVGE2yYcL46AIvg1TjzKxoy%2FeSihDR0lG8RIPgR3c7dkAPdQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 02:11:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/png
last-modified: Wed, 22 May 2024 12:20:38 GMT
vary: Accept-Encoding
cache-control: max-age=86400
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510d57936af55-NRT
accept-ranges: bytes
content-length: 6581
server: cloudflare

GET
H2 200 xbwGwRoyE-bcx4yy6kpYYrc-9gNtgSAaAnxLF-xs4RvyD1kgB3LyA5NOtandyJ4vQb-ayagBGxaCFU2E79rCSlH3htqBEGCzQ2oCAp9nYaeoSVecs7WIa7mKCfW-R0kIm2lrrQy25skD1KIZckoI2lUUmb3M3ItNm0HVnC3cZ9kJOQXgVEJqxNxU0XgVT-DCTNTOH...
aistekso.net/impression/ 43 B
552 B 16ms
16ms Image
image/gif 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aistekso.net/impression/xbwGwRoyE-bcx4yy6kpYYrc-9gNtgSAaAnxLF-xs4RvyD1kgB3LyA5NOtandyJ4vQb-ayagBGxaCFU2E79rCSlH3htqBEGCzQ2oCAp9nYaeoSVecs7WIa7mKCfW-R0kIm2lrrQy25skD1KIZckoI2lUUmb3M3ItNm0HVnC3cZ9kJOQXgVEJqxNxU0XgVT-DCTNTOHYu1Y3FPtptLkR0Bg1eGiDauEYGvJFl4lNBMhw_aoMh5CqvgnBQU33xbJvMkajfdOIOtaroQYhju3qOA032L9CTDEHre20VzUbDQB23Zmp7ktN2q0ZaY7EASFkdEEiYhcjo4MpUHlCPs07TxYPx23TfolI_5qbnEmi1CS4a7cKGKqCV4WWJOgpWaDHSxBCGhedSsJ4P9SU5s9wDRCJKW2W1_3r4ca49marEIjLYUDQgkZHo6yRK9tGgq2vU19Lp0EEMrr8-vLDiRIguGAGt8nZ9X9Nr8E31hQmHH9sLqWTyycLxVSLvHYunR3qrOk6CYmYakEqOSjAJfIyYmIoWDTb0L2gqx3pTaN-umrs_i-Bg4FZVnjY0DB2KL8Wb35Gw3J16tiElIijw0OWvg4xsAYRYSgnh36N1sQkdI725iqh0bCoAVSuYHmkNZFugcU8zEc0acBUxX5r8u9I5VW0UINAJj_7m7BMI46a-pY9mGgRN3M_aWk0_Dy7Eo4_yId8nKAcm-fqv8sD_c0lsZA-rrGgbr952FMn22m57tOIfBuoFt0yjOMXBLfqbO1BpgQTDkaDr1i7tuH3LU1TYCunl5fn8S3DV_kWgm89o0WAZwhYZXqW_i9Z4-JAnYtyZv0XOBfcXFeO4XyVHRIJA4FLN_o8KGu17iB8Cj_WWpy5A=?_z=7680434&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=670&wy=670&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ftulisone.click%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&jsp=1&is_mobile=false&js_build=8&branchId=2410201&sw_version=v1.417.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://tulisone.click/

Response headers

access-control-expose-headers: Link
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
date: Fri, 18 Oct 2024 02:23:24 GMT
content-type: image/gif
vary: Origin
strict-transport-security: max-age=1
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin: *, *
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
x-trace-id: d7e06b8ec5c7a8d0e4430013d0fc3836
access-control-allow-origin: *
content-length: 43
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ Frame 4994 11 KB
1 KB 56ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Requested by

Host: aistekso.net
URL: https://aistekso.net/400/7680434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

6bb88125bf9791b4f1b29ace16454069152663f037096117fe60858053f9176a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 02:23:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 02:23:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 18 Oct 2024 01:17:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 68de238c6f7b44b8eef4c9079fad30e1.png
onmanectrictor.com/www/images/ Frame 4994 6 KB
0 0ms
0ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onmanectrictor.com/www/images/68de238c6f7b44b8eef4c9079fad30e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19cdbfafb58b56beb740010c03af86e1849aee641648bca8b63e4e58b3a06dbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status: HIT
etag: "664de316-19b5"
age: 704
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=piXB3uXPXh94aWwT8UkYOgYas%2FAlZ6%2FAlCaysKnM4n6Emw%2B%2BBUJ1XU%2BsJyK02VRIqwZJThv41PoEFJkkD1SgxaxqCDO%2F720pUy91971gVGE2yYcL46AIvg1TjzKxoy%2FeSihDR0lG8RIPgR3c7dkAPdQ%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 02:11:34 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 02:23:19 GMT
content-type: image/png
last-modified: Wed, 22 May 2024 12:20:38 GMT
vary: Accept-Encoding
cache-control: max-age=86400
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4510d57936af55-NRT
accept-ranges: bytes
content-length: 6581
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 4994 18 KB
18 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://tulisone.click
Referer: https://fonts.googleapis.com/

Response headers

age: 261639
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 4994 18 KB
18 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://tulisone.click
Referer: https://fonts.googleapis.com/

Response headers

age: 219882
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tulisone.click
URL: blob:https://tulisone.click/3a358466-c993-446e-971f-3a182f33842e

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tulisone.click/	1970-01-21 09:54:48	Name: UGVyc2lzdFN0b3JhZ2U Value: %7B%7D
t7cp4fldl.com/	1970-01-21 00:20:21	Name: cart Value: 1
t7cp4fldl.com/	1970-01-21 00:20:21	Name: cart_p Value: 2
t7cp4fldl.com/	1970-01-21 09:54:51	Name: CHCK Value: 1
t7cp4fldl.com/	1970-01-21 09:54:51	Name: UID Value: 24101721232d9c5032d690491b93b1ead8aa
tulisone.click/	1969-12-31 23:59:59	Name: bnState_2020808 Value: {"impressions":2,"delayStarted":0}
tulisone.click/	1969-12-31 23:59:59	Name: bnState_2020809 Value: {"impressions":1,"delayStarted":0}
my.rtmark.net/	1970-01-21 09:05:54	Name: ID Value: 0800f9382a9b4eb4f8d1c10407abae22
aistekso.net/	1970-01-21 09:05:54	Name: OAID Value: 0800f9382a9b4eb4f8d1c10407abae22
t7cp4fldl.com/	1970-01-21 01:03:30	Name: CRICAP Value: mjf8VQAAAAAAAAAB
t7cp4fldl.com/	1970-01-21 01:03:30	Name: CRIBLOCK Value: mjf8VQAAAABnEcEg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://t7cp4fldl.com/lv/esnk/2020808/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://t7cp4fldl.com/lv/esnk/2020809/code.js(Line 16) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
aistekso.net
cdn.bncloudfl.com
coosync.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
my.rtmark.net
onmanectrictor.com
t7cp4fldl.com
tulisone.click
tzegilo.com
tulisone.click
139.45.195.254
139.45.195.8
139.45.197.244
148.251.53.118
212.117.190.201
212.117.190.217
2606:4700:3033::6815:bf5
2606:4700:3037::6815:233e
2606:4700:3037::6815:2ccb
2a00:1450:4001:810::2003
2a00:1450:4001:831::200a
2a06:98c1:3121::3
0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d
0e04cfbe84824669f8fce771acc0de5ff64f773c588d831e2782a4b4656a9667
163c271207084e2fc0d10c18dc4eaef5883a3f0947147d0755b8cf7ab0834d8b
19cdbfafb58b56beb740010c03af86e1849aee641648bca8b63e4e58b3a06dbe
1d8a420ba91b326b2f7ccad60f3f84a7c297c8eea761a86e3614caa975df4d74
36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
46c76cea8a9c1c2d1d188a1aa96f8441fb346318645dc037bd1dc1f1f215161f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4fee68a5a352443c68740b81eeb7a21953baef90118718014edc5b878217dd1a
6a9a5a92e2847c1da4d12e7697019c19e8ff7ce715f8bc2748da0d39f0ffb60a
6bb88125bf9791b4f1b29ace16454069152663f037096117fe60858053f9176a
6c8bc8cba19cef9f0c31425e33a6cd0a10ba75a23b673ea94d835d4ac3509fe4
7058d5808762e3f2f31a66470ab1302d8483a47a8eec9d030b29470c11ea4f50
72ce0a77af39db9a7fef2aa74ec3fb6379fa29017f9c027b9e6d2477ebddaa23
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
76263e672565bdd9a198590e46c046734c7a0a82d31ca600fe27f31899be0346
79d352f43504e5c45ce3ae7de683c42020b83d2ce336f36d6c061e2d55cca398
8762176523e67bffbdb848407ebe023aa0880122117758e6cb4f7267b0cd03cb
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
a83387259b3692c11920095e84a5eed0886d67203991f7d8115cfe0dd1723773
acd7de4a35d36b1ca87cb5a2228e4ea3fd39e91a4df344058055ad4b233fd423
b181f4bfb6681cf6bfd3a459143a6813e2d07e7c3772c54ef41017500cf46b8d
b326790c090962d34a5d257dea0f73d4c033e517cd7dccd1e453715e661a01e2
b3d5ed481790a54c11ed1efb9171c75dbea46f0662600fc10654754787858025
c1111c23ead2824e0beb40e2c20be36d4aae2e213375e55c6987c61889c3ad5b
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f04cba7536c674dc8e7970dd83b739fda57c706d088af3f14902d85f3cffe2
f2c93e2bac2686bf37bb25dd34a3933b2389f96a505d225ca97a694ed467ff1a
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

tulisone.click Open in urlscan Pro 2606:4700:3037::6815:2ccb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

50 %IPv6

12 Domains

12 Subdomains

12 IPs

4 Countries

429 kBTransfer

880 kBSize

11 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tulisone.click Open in urlscan Pro
2606:4700:3037::6815:2ccb Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

429 kB
Transfer

880 kB
Size

11
Cookies

49 HTTP transactions
0 data transactions