downscrs.xyz Open in urlscan Pro
2606:4700:e6::ac40:c504 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://downscrs.xyz/?p=61527
Submission: On January 07 via manual (January 7th 2022, 6:30:12 am UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 17 domains to perform 53 HTTP transactions. The main IP is 2606:4700:e6::ac40:c504, located in United States and belongs to CLOUDFLARENET, US. The main domain is downscrs.xyz.
TLS certificate: Issued by R3 on December 29th 2021. Valid for: 3 months.

This is the only time downscrs.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:e6:... 2606:4700:e6::ac40:c504	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3033::ac43:bc88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.241 139.45.197.241	9002 (RETN-AS) (RETN-AS)
2	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
3	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
1	130.211.31.231 130.211.31.231	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
53	15

6 2606:4700:e6::ac40:c504 (United States)

ASN13335 (CLOUDFLARENET, US)

downscrs.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

urgesick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3033::ac43:bc88 (United States)

ASN13335 (CLOUDFLARENET, US)

streamtape.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

offfurreton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
betotodilea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:293c (United States)

ASN13335 (CLOUDFLARENET, US)

superonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.241 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itphanpytor.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

pushagim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

cdn.itskiddoan.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.31.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.31.211.130.bc.googleusercontent.com

discovernative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	itphanpytor.club cdn.itphanpytor.club — Cisco Umbrella Rank: 39775	131 KB
8	streamtape.to streamtape.to	122 KB
6	offfurreton.com offfurreton.com — Cisco Umbrella Rank: 161513	33 KB
6	downscrs.xyz downscrs.xyz	55 KB
4	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 29691	2 KB
3	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 21966	61 KB
3	itskiddoan.club cdn.itskiddoan.club — Cisco Umbrella Rank: 24985	5 KB
3	betotodilea.com betotodilea.com — Cisco Umbrella Rank: 89208	30 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10218	1 KB
2	pushagim.com pushagim.com — Cisco Umbrella Rank: 139537	23 KB
2	superonclick.com superonclick.com — Cisco Umbrella Rank: 150084	6 KB
1	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3317	66 KB
1	discovernative.com discovernative.com — Cisco Umbrella Rank: 167609	71 B
1	ufpcdn.com ufpcdn.com — Cisco Umbrella Rank: 100451	2 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	5 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	51 KB
1	urgesick.com urgesick.com
53	17

	Domain	Requested by
9	cdn.itphanpytor.club	offfurreton.com betotodilea.com cdn.itphanpytor.club
8	streamtape.to	downscrs.xyz streamtape.to
6	offfurreton.com	streamtape.to offfurreton.com downscrs.xyz
6	downscrs.xyz	downscrs.xyz
4	mc.yandex.com	1 redirects streamtape.to mc.yandex.ru
3	static.cdnativepush.com	downscrs.xyz offfurreton.com
3	cdn.itskiddoan.club	betotodilea.com cdn.itphanpytor.club
3	betotodilea.com	streamtape.to betotodilea.com
2	my.rtmark.net	pushagim.com offfurreton.com
2	pushagim.com	offfurreton.com pushagim.com
2	superonclick.com	downscrs.xyz
1	mc.yandex.ru	streamtape.to
1	discovernative.com	downscrs.xyz
1	ufpcdn.com	superonclick.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pagead2.googlesyndication.com	downscrs.xyz
1	urgesick.com	downscrs.xyz
53	17

This site contains links to these domains. Also see Links.

Domain
discovernative.com

Subject Issuer	Validity	Valid
*.downscrs.xyz R3	`2021-12-29` - `2022-03-29`	3 months	crt.sh
urgesick.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-31` - `2022-10-30`	a year	crt.sh
offfurreton.com R3	`2021-12-19` - `2022-03-19`	3 months	crt.sh
betotodilea.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
itphanpytor.club R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
pushagim.com R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
cdn.itskiddoan.club Sectigo RSA Domain Validation Secure Server CA	`2021-10-04` - `2022-10-04`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
cdnativepush.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
discovernative.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-03-04`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 4 frames:

Primary Page: https://downscrs.xyz/?p=61527
Frame ID: 5A7E2340EFA1CA56D4E2AA3E4BBE5903
Requests: 11 HTTP requests in this frame

Frame: https://streamtape.to/blocked
Frame ID: 0411EC4D0175807D8E52ADF4C6AAF455
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: EC4E5A1F8CE373B5FDB259E8B5A89301
Requests: 1 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: E60CF1A4B91C70F7D6926A5FACBCDD3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rehdtel…. embed source mixdrop | Embed Streaming Videos

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

98 %
HTTPS

47 %
IPv6

17
Domains

17
Subdomains

15
IPs

4
Countries

591 kB
Transfer

1550 kB
Size

20
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discovernative.com/al/visit.php?al=1,7

Search URL Search Domain Scan URL

URL: https://discovernative.com/al/visit.php?al=1,4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A174%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A967475780994%3Ahid%3A1032735971%3Az%3A0%3Ai%3A20220107063008%3Aet%3A1641537009%3Ac%3A1%3Arn%3A347377689%3Arqn%3A1%3Au%3A1641537009784104719%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1641537008454%3Ads%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C76%2C0%2C%2C%2C%2C158%3Adsn%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C80%2C0%2C%2C%2C%2C158%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641537009%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A174%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A967475780994%3Ahid%3A1032735971%3Az%3A0%3Ai%3A20220107063008%3Aet%3A1641537009%3Ac%3A1%3Arn%3A347377689%3Arqn%3A1%3Au%3A1641537009784104719%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1641537008454%3Ads%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C76%2C0%2C%2C%2C%2C158%3Adsn%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C80%2C0%2C%2C%2C%2C158%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641537009%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
downscrs.xyz/ 9 KB
4 KB 100ms
66ms Document
text/html 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d0a508ef216388cf226d05b3389e5b34e0178f0989250492fe135662607aa5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-type: text/html; charset=UTF-8
x-pingback: http://downscrs.xyz/xmlrpc.php
link: <http://downscrs.xyz/index.php?rest_route=/>; rel="https://api.w.org/", <http://downscrs.xyz/index.php?rest_route=/wp/v2/posts/61527>; rel="alternate"; type="application/json", <http://downscrs.xyz/?p=61527>; rel=shortlink
x-microcachable: 0
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B8%2FeMrODor1naEGqEm40hbZaprkv05%2F1l6kl%2BiRAEKoh51SJ2gRm5s5aj5VOtXMnlN7eyrJrdYQ3NYznMakJ3a2OPE6XsGumPQrtYcvq8A2ucGFQ5zWdAONZ%2FfNb4KbWmQkqzebuye9qU0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c9b22b6da2f2bca-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
downscrs.xyz/wp-includes/css/dist/block-library/ 79 KB
11 KB 45ms
44ms Stylesheet
text/css 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downscrs.xyz/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/?p=61527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 20 Sep 2021 08:43:40 GMT
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRxkDESfKuQ3S%2BV3iojtjyv92RgvOILzCclYV3NvQhJ7msoENI2arkcGi6z7oGQ8BgIQRasvRqIqzKmKQhgdLZApLtZsh5fkJR2qgHOb7fIYozxvPvIW%2Ff95GYFyQ4Xqr%2Bo5%2FQJRRd6HjZ8%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b76b6c2bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
downscrs.xyz/wp-content/themes/ivideo/ 2 KB
1 KB 42ms
41ms Stylesheet
text/css 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downscrs.xyz/wp-content/themes/ivideo/style.css?ver=5.8.2
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb22ff6d3ebaa2ec79921696a704f2126bb7c5c5e52537dfb3b2e00e3ee34a63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/?p=61527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 20 Sep 2021 08:40:55 GMT
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDC3wVQPMtqyUkHnzTCaVfoOAWGE465aqBIA%2BpaVdnUd4PBJBPLMvRl09LCFYHnR52uac9oNPY4g5u4daolStBygFPB47nvdpVAC%2BIAYBJA5cG8XzMfbJZN6eIwBjBtYgxSwZYOULKfXg0Y%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b76b6d2bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 invisible.js Show response
downscrs.xyz/cdn-cgi/challenge-platform/h/g/scripts/ 42 KB
15 KB 42ms
42ms Script
text/javascript 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downscrs.xyz/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9439ee3b44a1514f397a9ba75c7d35c39b5a28bb23af8461ae0b5755c4433d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/?p=61527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEhFelTJHKCV5qdYpL5UZzBTslURJ424%2B3Qw2sfY6wUDFCeiHK43Ar9A5lXHYmt%2BkuDaq2oT771ggVyfKDjaZHCvu4%2B%2FE%2BulJt%2BJjgFV0KY3%2Fhn%2Fugefsz5G2M6PEDA0%2BVjR5lp6NRw7hc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6c9b22b76b6f2bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
downscrs.xyz/wp-includes/js/ 1 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downscrs.xyz/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/?p=61527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 29 Apr 2021 17:06:39 GMT
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQVjT9LSw7eGveP5rech8JnGHDWDafZrjvZxFU2mRW6Mo5y6qe6BI8dp8UMAlwg%2FcH%2B4Vm4jkd1tbo1zFb6vckRn1hwYPSW4LAeLH4kXmgLY%2F7tckOJLF0psEHsYb49whHWPw4xjA8jRuwg%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b76b6e2bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 403 68881dd8b72caf0194422455d0b10d44.js
urgesick.com/68/88/1d/ 0
0 1003ms
130ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://urgesick.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Jan 2022 06:30:08 GMT
server: nginx/1.17.6
content-type: application/javascript
content-length: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 151ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce18071d0330e062b11a77c9642cce3db3858e6646738b4b71e46f1e1d74c8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51798
x-xss-protection: 0
server: cafe
etag: 10827832173659444370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 06:30:07 GMT

GET
H2 200 white_sand.png
downscrs.xyz/wp-content/themes/ivideo/images/ 21 KB
22 KB 37ms
36ms Image
image/png 2606:4700:e6::ac40:c504
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downscrs.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/wp-content/themes/ivideo/style.css?ver=5.8.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c504 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/wp-content/themes/ivideo/style.css?ver=5.8.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
cf-cache-status: BYPASS
last-modified: Mon, 20 Jul 2015 14:56:46 GMT
server: cloudflare
x-microcachable: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojD55SthQmbP4cZx2ZmsK8kOPt0Ei42BKok5JO0GGuaQonXpGEQKsExJvLDEkXJ5N7lFwneNwnHKz3hlU9U9Cc7adCzbaTfFXSjjN6IoJb05hd3uXeaIHhZ3P9sa80i26btMRFD3XHst5lQ%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c9b22b7bbda2bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21591

GET
H2 404 / Show response
streamtape.to/e/Or1pW6wZJvf7BZ/ Frame 0411 94 KB
30 KB 108ms
78ms Document
text/html 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e9c32efd05d001129bc80f2475e1bac5e6ff0d8d81f711472183218661eea9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-type: text/html; charset=UTF-8
cache-control: private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YB%2B%2BCE5LpO0J%2BJyqBVYlAFHe1RYjSHp4xB9wNFa1lGxNzUI2nGJCZ4brEbriqjH6K3iy%2BBDu9aNDfoph%2Fcu9KC83KNw9y%2Ft%2BjkJKTMmavS6gW5xS78FGyjVCgiyILx56RDI0r13hWu74r4WW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c9b22b7f9305b7a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
streamtape.to/js/ Frame 0411 86 KB
31 KB 20ms
19ms Script
application/javascript 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/js/jquery.min.js
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 18:16:59 GMT
server: cloudflare
age: 2615
etag: W/"5fc6889b-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FRNbe85f4pQ57F%2Bb6k9TZogFBFvl2bt%2B78aut9y4GXGRgCRDJhZbJwIK9YZWPv1YqmifrQ3U1bRTrh9WNlnK%2FzQEmX5h%2B26nQVbS8hCqwqAzsUA8QZgitCwnrhdnSFP4c4vHnPe17hbTasR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b88a3b5b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 player3.css
streamtape.to/scss/ Frame 0411 31 KB
6 KB 19ms
19ms Stylesheet
text/css 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/scss/player3.css
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0946f40ecdf9c3d9116352371c651fa24a45c4d9e75029bb5d66cf5553547f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
server: cloudflare
age: 6540
etag: W/"5fd64104-7afc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWExmxDWYr5vXOjgONUjJ%2FGadOfm%2BeN9R2aSmB5bVegI0YnKtOw78l2sdmLNQBOkUHRRRal0fG02RKHbGH9Udo4qhP5ZzQEURU826mTZzwwJm6nIlp9MC5rLKBl%2F2gTdPeN%2FFxdUYWFe%2BeWv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b88a3e5b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ad.js Show response
streamtape.to/ Frame 0411 20 B
404 B 13ms
13ms Script
application/javascript 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/ad.js
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1698
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20
last-modified: Thu, 20 Aug 2020 18:55:14 GMT
server: cloudflare
etag: "5f3ec712-14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aZuA%2FV6BvMUCDNXEgeCYcbvC%2FDwMtiHig2g%2Fdg12wwmjJ0OCanCHVC1gnHACZkTO34UHbjVQi3yGL2hFwI0hBRXHyG30aC1h6hEgqj51cTy5IWthO8C60lGI5ckGmdzWaX%2BrCaS64qE8m%2FD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 6c9b22b88a405b7a-FRA

GET
H2 200 ppmain.js Show response
streamtape.to/ Frame 0411 59 KB
18 KB 16ms
16ms Script
application/javascript 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/ppmain.js
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cc590d3ea853ec1ad45fe19cad2ac7bef1bf04e4b5747712767efee5454337a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Sep 2021 13:34:11 GMT
server: cloudflare
age: 2210
etag: W/"61488dd3-eaab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1qpoaP544jkkWq3x1k4pPgUQUyt9m799i4SMagiHYUlhNiMnN5TpM5VdcJxlcfrq2KWZ%2F2cvugO5xqwJPdFZcLmCM%2Flx3ffuW2QtIM8pMljLZF90A3m7F6NEGtNYk55ZXTvLO0fUGI59KKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b88a445b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 player.svg
streamtape.to/ Frame 0411 5 KB
3 KB 16ms
16ms Other
image/svg+xml 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/player.svg
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 18:55:14 GMT
server: cloudflare
age: 1698
etag: W/"5f3ec712-15ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XI%2BVOJ4wVKcRCdAcUi4wnIawhLPF91j%2B%2FpwK1etvNEHUIVZh619mlD2Zj1cS8OHPs5XVb6YopVMHrqttblFEyPBHylibjmiAuY3B8ll0dgjRYk3wRi6jdkk2hEtVMPgenWvx2m%2Fc4vPJbYAp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22b8c8bb8beb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 3395407 Show response
offfurreton.com/400/ Frame 0411 70 KB
27 KB 78ms
30ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offfurreton.com/400/3395407

Requested by

Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

55cd989e2cf4c8802e9fe793c3317a6999ffbe83744edaf4295cf72470eb3478

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: ff3b0c9800aa35f142ae09b0fe476d99
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 4167545 Show response
betotodilea.com/400/ Frame 0411 70 KB
27 KB 82ms
34ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/400/4167545

Requested by

Host: streamtape.to
URL: https://streamtape.to/ppmain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e4bc5cc8616d240b02eece346b06d18fb279042a48323ec6a24be379de2ac840

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: 2d03b71b714135f20cbb87e11c827302
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame EC4E 11 KB
5 KB 130ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Jan 2022 16:07:35 GMT
expires: Thu, 20 Jan 2022 16:07:35 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 51752
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 native_render.js Show response
superonclick.com/script/ 4 KB
3 KB 40ms
14ms Script
application/javascript 2606:4700:3037::6815:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_render.js
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2283
x-guploader-uploadid: ADPycdvoa8H_yL7lng1wpll3kZDUKdtyrMQHUfofmTSSw4FbaYvV70MglspfwFyZCZ1GC86N3MmGDqxEUa_j862MIEp3TxS09Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
server: cloudflare
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyGsl9bep70uulOBNG2h7loxlW6aPGyeck2hKcjK72vYiFLn8siiX5h%2FmOdCjwnjHUc3FtljW4pIX6IzXtlfKN2cShrRyldD80Lt%2BIDbMfzIdgD%2FVdHDqtHXya1UJp%2BY9NOXmeW3z5ScihOhk2bH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052950916101
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 4285
cf-ray: 6c9b22b98faf4a6d-FRA
expires: Fri, 07 Jan 2022 06:22:56 GMT

GET
H2 200 native_server.js Show response
superonclick.com/script/ 9 KB
3 KB 43ms
17ms Script
application/javascript 2606:4700:3037::6815:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_server.js
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2286
x-guploader-uploadid: ADPycdt9-0Neg4qFlc1_qS1vxIkTfSADI55e8o4DTVjsirsAtnZdG2zERZgfrvWjZCvKfo0PVKip84u1VR0PJqBrt3wCn5XggA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
server: cloudflare
etag: W/"51d87e9ebd831fccab6a016079a60793"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpoRJzHt5IbcJD6Z66q01jGBFJk51CloRoxu3kW13hLNwT7zMwdO35H%2B4PhWph5k2FXtidzNfyR%2ByKaWurDGZtG8Ayhj4BMjtn7JhxpexJyq1D8v3mRjcMHsY7cxB4dYjqdp%2BnEkYm5GJTwGgYxj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1550052952705094
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
x-goog-stored-content-length: 9260
cf-ray: 6c9b22b98fb14a6d-FRA
expires: Fri, 07 Jan 2022 06:01:30 GMT

GET
H2 200 1 Show response
cdn.itphanpytor.club/ Frame 0411 5 KB
3 KB 65ms
15ms Script
text/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/1?z=3634077
Requested by: Host: offfurreton.com
URL: https://offfurreton.com/400/3395407
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6b5d20c4a79f6a6eb4c0c6872c3731d0da6eff8c0f5c222651a98e764db1962e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: 355fdef47f3e75a1840d32345243dd27
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-sc: u4fqj6bNA1WFo28Swy_m43kmlNHVcPOSUMeqD1E697lrCBQQ3flGO3p6eGiHfI1GBOxfMF_6s4SlqBdk-D0KlbC0gW0=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 extra.min.js Show response
pushagim.com/pfe/current/ Frame 0411 60 KB
22 KB 74ms
12ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushagim.com/pfe/current/extra.min.js?z=3682798
Requested by: Host: offfurreton.com
URL: https://offfurreton.com/400/3395407
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c9c1d4114b9db8e4879bb72d132aab3104462bd6d8ab1344a33d8446e1da1cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 09:37:58 GMT
server: nginx
etag: W/"61c1a076-f1eb"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 apu.php Show response
cdn.itskiddoan.club/ Frame 0411 968 B
2 KB 53ms
15ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddoan.club/apu.php?zoneid=4277954

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4167545

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d7b8a309cbf1eb2136a1cc5792fb620ee0ab4718b71de4338ca3dedba6578989

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 968
x-trace-id: 77cc21b3185b8d31fb433e5a2a4b28d7
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
cdn.itphanpytor.club/ Frame 0411 5 KB
3 KB 25ms
14ms Script
text/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/1?z=4282425
Requested by: Host: betotodilea.com
URL: https://betotodilea.com/400/4167545
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 933390dcdc0a449ff4c060850f57068a6c9ab70371d9f8c1c0e4fe608e8e00be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: f2645d889627e20ccdd9e611865e7d31
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-sc: 38NjZobPAZ6fK4u8Jm9Tlx-LE46j8Ohq_5Jy34ItPnvJmUNYGAQGTFU9ZLUkFi_TEG0j9As3APCPEdk0hsuRe0y37Ro=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 27c03f0fa2d4e3f08359be655ccb85fe Show response
cdn.itphanpytor.club/27/ Frame 0411 381 KB
122 KB 21ms
21ms Script
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itphanpytor.club/27/27c03f0fa2d4e3f08359be655ccb85fe

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4282425

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

845f3bd26c45d4513054f9f1a9da06bfb0f3d2ebdf3feb3f346ef698f9577297

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Dec 2021 05:23:46 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Thu, 22 Jan 2082 05:23:46 GMT

GET
H2 200 apu.php Show response
cdn.itskiddoan.club/ Frame 0411 968 B
2 KB 22ms
15ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddoan.club/apu.php?zoneid=4680843

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4282425

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c21f4718c3a95b7ecdf8ef4211986cb3741b5277ff54218400d6d4b5f52285e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 968
x-trace-id: ea6d027461af4a4d29c98a398727f841
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 38 Show response
cdn.itphanpytor.club/42/ Frame 0411 0
528 B 46ms
45ms Script
text/plain 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/42/38?z=4282425
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=4282425
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: 2dd23f49b985deef37ebcdacefa91fbb
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 apu.php Show response
cdn.itskiddoan.club/ Frame 0411 968 B
2 KB 20ms
16ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.itskiddoan.club/apu.php?zoneid=4680832

Requested by

Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3634077

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

23cd56eab7b6e6beac0e9755818d921eb39788da2309804e8b72ec67c5ce783e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 968
x-trace-id: 37d73aff086fea4507c1f13bf0b79c91
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 38 Show response
cdn.itphanpytor.club/42/ Frame 0411 0
528 B 43ms
42ms Script
text/plain 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/42/38?z=3634077
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/1?z=3634077
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: ae48475d8eb7568fd8080bd95b1042bf
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 0411 65 B
542 B 48ms
13ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3682798&checkDuplicate=true&ymid=&var=

Requested by

Host: pushagim.com
URL: https://pushagim.com/pfe/current/extra.min.js?z=3682798

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

53f8b740f9c45923cfa31d5e337e2cde3df2369f2b50400ac4eba1540b80e843

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
pushagim.com/ Frame 0411 777 B
1 KB 40ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushagim.com/zone?pub=0&zone_id=3682798&is_mobile=false&domain=streamtape.to&var=&ymid=&var_3=

Requested by

Host: pushagim.com
URL: https://pushagim.com/pfe/current/extra.min.js?z=3682798

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5c18c1097cc4ffc2942bbf40b5e6a91297afc42f350af9fe1cf729348252c153

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: 2506895772057f82e3f37acc7049be6e
date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://streamtape.to
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 777

POST
H2 200 9 Show response
cdn.itphanpytor.club/ Frame 0411 7 B
577 B 17ms
17ms XHR
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=4282425&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&wy=0&wx=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=1&sah=1200&drf=https%3A%2F%2Fdownscrs.xyz%2F&hil=1&ist=0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/27c03f0fa2d4e3f08359be655ccb85fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://streamtape.to/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e38d7a55e1bb0f7211622d70bb544653
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
cdn.itphanpytor.club/ Frame 0
0 38ms
12ms Preflight 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=4282425&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&wy=0&wx=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=1&sah=1200&drf=https%3A%2F%2Fdownscrs.xyz%2F&hil=1&ist=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://streamtape.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 07 Jan 2022 06:30:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://streamtape.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 9 Show response
cdn.itphanpytor.club/ Frame 0411 7 B
577 B 17ms
17ms XHR
application/javascript 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3634077&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&wy=0&wx=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=1&sah=1200&drf=https%3A%2F%2Fdownscrs.xyz%2F&hil=1&ist=0
Requested by: Host: cdn.itphanpytor.club
URL: https://cdn.itphanpytor.club/27/27c03f0fa2d4e3f08359be655ccb85fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://streamtape.to/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 4eb59ade0777016f06417a3b5aa53e13
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
cdn.itphanpytor.club/ Frame 0
0 17ms
12ms Preflight 139.45.197.241
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.itphanpytor.club/9?z=3634077&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&wy=0&wx=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=1&sah=1200&drf=https%3A%2F%2Fdownscrs.xyz%2F&hil=1&ist=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.241 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://streamtape.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 07 Jan 2022 06:30:07 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://streamtape.to
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 0411 65 B
541 B 13ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: offfurreton.com
URL: https://offfurreton.com/400/3395407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

53f8b740f9c45923cfa31d5e337e2cde3df2369f2b50400ac4eba1540b80e843

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:07 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame E60C 2 KB
2 KB 195ms
135ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/

Response headers

date: Fri, 07 Jan 2022 06:30:08 GMT
content-type: text/html
last-modified: Tue, 15 May 2018 06:39:25 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2vPKuoDZJ65wVmsrQRkSeP3in35wXjoOj2SpoGh3HkuwBLP06jHbn9fLBdCGUP4FPvUw%2FIe0e3kpYrMX8kBlOA%2BeYAW%2Fu0s0IBj7f4oYwqjw4UE3vJzVzKR1FBwgLhliZIgLMHtG%2B32"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c9b22bb5d8b7045-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 3395407 Show response
offfurreton.com/500/ Frame 0411 4 KB
2 KB 28ms
27ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offfurreton.com/500/3395407?excludes=&oaid=dc516f52269e4b92b00b3c783ade3bd2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=3&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&drf=https%3A%2F%2Fdownscrs.xyz%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: offfurreton.com
URL: https://offfurreton.com/400/3395407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

657ebd773c3dbe377f6105fe04583dec084ad80b874ce5e067681839383d7fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://streamtape.to/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 22d46b0bfaaff4aa05375ddc8303300f
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3395407
offfurreton.com/500/ Frame 0
0 87ms
32ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://streamtape.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 07 Jan 2022 06:30:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://streamtape.to
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 4167545 Show response
betotodilea.com/500/ Frame 0411 4 KB
2 KB 25ms
25ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://betotodilea.com/500/4167545?excludes=&oaid=dc516f52269e4b92b00b3c783ade3bd2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=3&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&drf=https%3A%2F%2Fdownscrs.xyz%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: betotodilea.com
URL: https://betotodilea.com/400/4167545

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3dbafe65120ce0aa1286858de35d0c3ea03c1ad8be9fd118f9c96adff853fedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://streamtape.to/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1b0b9bba19ec4d7c438f8bc76a7ece20
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 4167545
betotodilea.com/500/ Frame 0
0 77ms
15ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://streamtape.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 07 Jan 2022 06:30:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://streamtape.to
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame 0411 2 KB
3 KB 103ms
21ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 06:30:08 GMT
Last-Modified: Thu, 08 Apr 2021 14:22:06 GMT
Server: nginx
ETag: "606f118e-932"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2354

GET
H/1.1 200
OK 0681716941931.png
static.cdnativepush.com/contents/s/ba/3b/46/54d3cbe2954ccac41195d3a660/ Frame 0411 29 KB
29 KB 112ms
41ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/ba/3b/46/54d3cbe2954ccac41195d3a660/0681716941931.png
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed1c101ea5482672805e702f55c3912b16abe3deb2fce44424c52616657abd41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 06:30:08 GMT
Last-Modified: Fri, 12 Nov 2021 13:27:55 GMT
Server: nginx
ETag: "618e6bdb-723a"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 29242

GET
H2 204 native.php Show response
discovernative.com/script/ 0
71 B 211ms
142ms Script
text/plain 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/native.php?nwpsv=1&r=4910187&cbrandom=0.31557950354992537&cbWidth=1600&cbHeight=1200&cbtitle=Rehdtel%E2%80%A6.%20embed%20source%20mixdrop%20%7C%20Embed%20Streaming%20Videos&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&callback=jsonp659531
Requested by: Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://downscrs.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Jan 2022 06:30:08 GMT
via: 1.1 google
server: openresty
alt-svc: clear

GET
H2 200 PsqMt4KRc83X31YlZ50VrqwpfsMP56jyLG0M8K1u283kEwoX1cmWZolml70Gyrzt-iVzN8PVOR_sgK6-g9zxt25YjIyVaTtE9se08g8PEaaVybCntu7zfVsX9CumwTHD97kroT_usFyw60dZdc_9nwHand8Ck_eyZTcK5YJzTjCEV20DXqfvpERS9lU3G8tPsfmFF...
offfurreton.com/impression/ Frame 0411 43 B
421 B 31ms
31ms Image
image/gif 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offfurreton.com/impression/PsqMt4KRc83X31YlZ50VrqwpfsMP56jyLG0M8K1u283kEwoX1cmWZolml70Gyrzt-iVzN8PVOR_sgK6-g9zxt25YjIyVaTtE9se08g8PEaaVybCntu7zfVsX9CumwTHD97kroT_usFyw60dZdc_9nwHand8Ck_eyZTcK5YJzTjCEV20DXqfvpERS9lU3G8tPsfmFFUbIydxEw5B4U4butfWONPFcxaaVlhyeMga-KB3fCZpzmnH0t6H_U9-VGsAjGat22w2r5ehNEDP3SOXqXPUAApMfhqlEPz3ocYSN1xFZKhCPiC38KkyxXpNOQOqA3CtJahHOfrkHPYrV1BmMVp98tku-Rfq-3Nn1TcdW0V7qBfokVA_NJ-szlQuaT3-gqSqoq_Frj1M=?_z=3395407&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=3&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&drf=https%3A%2F%2Fdownscrs.xyz%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: downscrs.xyz
URL: https://downscrs.xyz/?p=61527

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-trace-id: da63b5b5f6aa25e6b4082c5b8167fa1d
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:08 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
content-length: 43
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 3395407 Show response
offfurreton.com/500/ Frame 0411 4 KB
2 KB 35ms
34ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offfurreton.com/500/3395407?excludes=11367779&oaid=dc516f52269e4b92b00b3c783ade3bd2&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=980&wiw=980&wih=490&wfc=3&pl=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&drf=https%3A%2F%2Fdownscrs.xyz%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false

Requested by

Host: offfurreton.com
URL: https://offfurreton.com/400/3395407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7e3734b864e63aa9d733ab9fde3423bb587ce999dc5fcba822fcd1c8f62bc12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://streamtape.to/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d96cb530e314382429a73760327781b4
pragma: no-cache
date: Fri, 07 Jan 2022 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://streamtape.to
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 3395407
offfurreton.com/500/ Frame 0
0 21ms
21ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://streamtape.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 07 Jan 2022 06:30:08 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://streamtape.to
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3 200 blocked Show response
streamtape.to/ Frame 0411 2 KB
1 KB 76ms
76ms Document
text/html 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/blocked
Requested by: Host: streamtape.to
URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50191f53fbded68d27f85731cb4253cdcf31d892193f5d09769d936cac7e2b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/e/Or1pW6wZJvf7BZ/

Response headers

date: Fri, 07 Jan 2022 06:30:08 GMT
content-type: text/html; charset=UTF-8
cache-control: private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX%2FG4ISoooEA9F44MD6e10OBx83Bv5JL7g93yuOo39OVSZIEPWz0pRjV51lIkPK0KGSxy5jHTF9hQvdQvJHATFXC8NIgGqwZTQzMvLsEeYGiASEUbZU0ttn%2BpTTOZwtU%2Ba3xvxloXwQ02qE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c9b22bedd958beb-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 0681716941931.png
static.cdnativepush.com/contents/s/ba/3b/46/54d3cbe2954ccac41195d3a660/ Frame 0411 29 KB
29 KB 23ms
22ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/ba/3b/46/54d3cbe2954ccac41195d3a660/0681716941931.png
Requested by: Host: offfurreton.com
URL: https://offfurreton.com/400/3395407
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed1c101ea5482672805e702f55c3912b16abe3deb2fce44424c52616657abd41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 06:30:08 GMT
Last-Modified: Fri, 12 Nov 2021 13:27:55 GMT
Server: nginx
ETag: "618e6bdb-723a"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 29242

GET
H3 200 jquery.min.js Show response
streamtape.to/js/ Frame 0411 86 KB
32 KB 33ms
33ms Script
application/javascript 2606:4700:3033::ac43:bc88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streamtape.to/js/jquery.min.js
Requested by: Host: streamtape.to
URL: https://streamtape.to/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:bc88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 18:16:59 GMT
server: cloudflare
age: 2616
etag: W/"5fc6889b-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KyoEeKARL6N%2BuZ8Mjs8x5bUqdcvx%2FnBKM%2BSQgvuQ2yiMoZCcnZVWUXe462z0Wykkd5h1LWZiHV96LOJX0WEp7UaWM3mpLrGRx2kdKBf1xiMyxqNMshke3IG27lCCSffjCJkwsBMYc6KH2QR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9b22bf6eb68beb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 0411 194 KB
66 KB 145ms
37ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: streamtape.to
URL: https://streamtape.to/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:08 GMT
content-encoding: br
last-modified: Tue, 28 Dec 2021 12:05:22 GMT
etag: "61cad352-10765"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67429
expires: Fri, 07 Jan 2022 07:30:08 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/61426822/ Frame 0411
Redirect Chain

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A1...
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3...

350 B
432 B

32ms
31ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A174%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A967475780994%3Ahid%3A1032735971%3Az%3A0%3Ai%3A20220107063008%3Aet%3A1641537009%3Ac%3A1%3Arn%3A347377689%3Arqn%3A1%3Au%3A1641537009784104719%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1641537008454%3Ads%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C76%2C0%2C%2C%2C%2C158%3Adsn%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C80%2C0%2C%2C%2C%2C158%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641537009%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: streamtape.to
URL: https://streamtape.to/blocked

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4371f57a8859d637ac42bd35ac7eeb19374a644e51aa7a06eadd8e6aac3c9894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 06:30:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 07-Jan-2022 06:30:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://streamtape.to
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Fri, 07-Jan-2022 06:30:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jan 2022 06:30:08 GMT
last-modified: Fri, 07-Jan-2022 06:30:08 GMT
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.to%2Fblocked&page-ref=https%3A%2F%2Fstreamtape.to%2Fe%2FOr1pW6wZJvf7BZ%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A174%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A967475780994%3Ahid%3A1032735971%3Az%3A0%3Ai%3A20220107063008%3Aet%3A1641537009%3Ac%3A1%3Arn%3A347377689%3Arqn%3A1%3Au%3A1641537009784104719%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1641537008454%3Ads%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C76%2C0%2C%2C%2C%2C158%3Adsn%3A0%2C0%2C76%2C1%2C0%2C0%2C%2C80%2C0%2C%2C%2C%2C158%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641537009%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://streamtape.to
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 07-Jan-2022 06:30:08 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 0411 43 B
136 B 41ms
41ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: streamtape.to
URL: https://streamtape.to/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 06:30:08 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Jan 2022 07:30:08 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame 0411 43 B
73 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fstreamtape.to%2Fsbox_bl&page-ref=https%3A%2F%2Fstreamtape.to%2Fblocked&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A1%3Als%3A967475780994%3Ahid%3A1032735971%3Az%3A0%3Ai%3A20220107063008%3Aet%3A1641537009%3Ac%3A1%3Arn%3A623901538%3Arqn%3A2%3Au%3A1641537009784104719%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641537008454%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C461%2C461%2C0%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C461%2C461%2C0%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641537009%3At%3A&t=gdpr(14)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://streamtape.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 06:30:08 GMT
last-modified: Fri, 07-Jan-2022 06:30:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://streamtape.to
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 07-Jan-2022 06:30:08 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdn.itphanpytor.club/42	1970-01-20 08:44:33	Name: OAID Value: e071c71839b443be8bb52581cfd92549
cdn.itphanpytor.club/42	1970-01-20 08:44:33	Name: oaidts Value: 1641537007
cdn.itphanpytor.club/	1970-01-20 08:44:33	Name: scm Value: 1
cdn.itphanpytor.club/	1970-01-20 08:44:33	Name: oaidts Value: 1641537007
cdn.itphanpytor.club/	1970-01-20 08:44:33	Name: OAID Value: e071c71839b443be8bb52581cfd92549
cdn.itskiddoan.club/	1970-01-20 08:44:33	Name: oaidts Value: 1641537007
cdn.itskiddoan.club/	1970-01-20 08:44:33	Name: OAID Value: a1fdff2e182d401a9bce678674ab8a56
my.rtmark.net/	1970-01-20 08:44:33	Name: ID Value: dc516f52269e4b92b00b3c783ade3bd2
offfurreton.com/	1970-01-20 08:44:33	Name: OAID Value: dc516f52269e4b92b00b3c783ade3bd2
betotodilea.com/	1970-01-20 08:44:33	Name: OAID Value: dc516f52269e4b92b00b3c783ade3bd2
.ufpcdn.com/	1970-01-19 23:58:58	Name: __cf_bm Value: _zSE0xGLJ6CVy0zIhy65u4ixXg1kq_me1TT1Wq6nCLU-1641537008-0-AV2NpDHTtjNZVOSQs9BxE49oCqJ3FUmufVDTtKAheOhiSmwdjma3s/x2Rn3mnWD+eTxO1va6gFzVHZGYw92vUhw=
downscrs.xyz/	1970-01-20 01:25:21	Name: adcashufpv3 Value: 142786002315637511231086859021
.streamtape.to/	1970-01-20 08:44:33	Name: _ym_uid Value: 1641537009784104719
.streamtape.to/	1970-01-20 08:44:33	Name: _ym_d Value: 1641537009
.yandex.com/	1970-01-20 08:44:33	Name: yandexuid Value: 3689812561641537008
.yandex.com/	1970-01-20 08:44:33	Name: yuidss Value: 3689812561641537008
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2094494491641537008
.yandex.com/	1970-01-23 15:34:57	Name: i Value: tkCeASAE0eOyDjZ0GT+o/c4U2VBlPpazI1FEjAhvW085WAFejXvEnEnS3Jw+fXqv5ipVY4G372zWHM50wPv9oNdQmGQ=
.yandex.com/	1970-01-20 08:44:33	Name: ymex Value: 1673073008.yrts.1641537008#1673073008.yrtsi.1641537008
.streamtape.to/	1970-01-20 00:00:09	Name: _ym_isad Value: 2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://streamtape.to/e/Or1pW6wZJvf7BZ/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://urgesick.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betotodilea.com
cdn.itphanpytor.club
cdn.itskiddoan.club
discovernative.com
downscrs.xyz
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
my.rtmark.net
offfurreton.com
pagead2.googlesyndication.com
pushagim.com
static.cdnativepush.com
streamtape.to
superonclick.com
ufpcdn.com
urgesick.com
130.211.31.231
139.45.195.8
139.45.197.188
139.45.197.236
139.45.197.237
139.45.197.241
139.45.197.250
192.243.59.12
2606:4700:3033::ac43:bc88
2606:4700:3037::6815:293c
2606:4700:3037::ac43:8e31
2606:4700:e6::ac40:c504
2a00:1450:4001:80e::2002
2a00:1450:4001:830::2002
2a02:6b8::1:119
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e
1e9439ee3b44a1514f397a9ba75c7d35c39b5a28bb23af8461ae0b5755c4433d
23cd56eab7b6e6beac0e9755818d921eb39788da2309804e8b72ec67c5ce783e
3dbafe65120ce0aa1286858de35d0c3ea03c1ad8be9fd118f9c96adff853fedb
4371f57a8859d637ac42bd35ac7eeb19374a644e51aa7a06eadd8e6aac3c9894
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53f8b740f9c45923cfa31d5e337e2cde3df2369f2b50400ac4eba1540b80e843
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55cd989e2cf4c8802e9fe793c3317a6999ffbe83744edaf4295cf72470eb3478
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c18c1097cc4ffc2942bbf40b5e6a91297afc42f350af9fe1cf729348252c153
5cc590d3ea853ec1ad45fe19cad2ac7bef1bf04e4b5747712767efee5454337a
657ebd773c3dbe377f6105fe04583dec084ad80b874ce5e067681839383d7fdf
6b5d20c4a79f6a6eb4c0c6872c3731d0da6eff8c0f5c222651a98e764db1962e
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
7e3734b864e63aa9d733ab9fde3423bb587ce999dc5fcba822fcd1c8f62bc12e
845f3bd26c45d4513054f9f1a9da06bfb0f3d2ebdf3feb3f346ef698f9577297
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
933390dcdc0a449ff4c060850f57068a6c9ab70371d9f8c1c0e4fe608e8e00be
94e9c32efd05d001129bc80f2475e1bac5e6ff0d8d81f711472183218661eea9
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
b50191f53fbded68d27f85731cb4253cdcf31d892193f5d09769d936cac7e2b0
c21f4718c3a95b7ecdf8ef4211986cb3741b5277ff54218400d6d4b5f52285e4
c9c1d4114b9db8e4879bb72d132aab3104462bd6d8ab1344a33d8446e1da1cdf
ce18071d0330e062b11a77c9642cce3db3858e6646738b4b71e46f1e1d74c8ec
d7b8a309cbf1eb2136a1cc5792fb620ee0ab4718b71de4338ca3dedba6578989
d9d0a508ef216388cf226d05b3389e5b34e0178f0989250492fe135662607aa5
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bc5cc8616d240b02eece346b06d18fb279042a48323ec6a24be379de2ac840
ea0946f40ecdf9c3d9116352371c651fa24a45c4d9e75029bb5d66cf5553547f
eb22ff6d3ebaa2ec79921696a704f2126bb7c5c5e52537dfb3b2e00e3ee34a63
ed1c101ea5482672805e702f55c3912b16abe3deb2fce44424c52616657abd41
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

downscrs.xyz Open in urlscan Pro 2606:4700:e6::ac40:c504 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

98 %HTTPS

47 %IPv6

17 Domains

17 Subdomains

15 IPs

4 Countries

591 kBTransfer

1550 kBSize

20 Cookies

2 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

downscrs.xyz Open in urlscan Pro
2606:4700:e6::ac40:c504 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

47 %
IPv6

17
Domains

17
Subdomains

15
IPs

4
Countries

591 kB
Transfer

1550 kB
Size

20
Cookies

53 HTTP transactions
0 data transactions