yourerrorsplug.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tiny.ke/PYESFOUNDATION
Effective URL:
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowse...
Submission: On January 28 via manual (January 28th 2024, 12:51:48 am UTC) from GY — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 14 domains to perform 47 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is yourerrorsplug.com.
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.

This is the only time yourerrorsplug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.246.22.203 162.246.22.203	19318 (IS-AS-1) (IS-AS-1)
7	162.246.21.210 162.246.21.210	19318 (IS-AS-1) (IS-AS-1)
4	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	174.138.183.242 174.138.183.242	19318 (IS-AS-1) (IS-AS-1)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
17	172.64.134.5 172.64.134.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.20.112.104 217.20.112.104	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	11

1 162.246.22.203 (United States) 1 redirects

ASN19318 (IS-AS-1, US)
PTR: ssf.messarogroup.com

tiny.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.246.21.210 (United States)

ASN19318 (IS-AS-1, US)
PTR: webhosting3005.is.cc

wz.takivi.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.138.183.242 (United States) 1 redirects

ASN19318 (IS-AS-1, US)

jiforo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

thaudray.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.64.134.5 (United States)

ASN13335 (CLOUDFLARENET, US)

ourcommonnewz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.112.104 (Petershagen, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

track.routes.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

yourerrorsplug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ourcommonnewz.com ourcommonnewz.com	67 KB
7	takivi.org wz.takivi.org	89 KB
4	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11663	2 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	23 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	71 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	59 KB
2	yourerrorsplug.com 1 redirects yourerrorsplug.com	9 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	60 KB
1	routes.name track.routes.name — Cisco Umbrella Rank: 858093	2 KB
1	thaudray.com thaudray.com — Cisco Umbrella Rank: 216099	2 KB
1	jiforo.com 1 redirects jiforo.com	363 B
1	tiny.ke 1 redirects tiny.ke	512 B
0	baidu.com Failed hm.baidu.com Failed
0	supercounters.com Failed widget.supercounters.com Failed
47	14

	Domain	Requested by
17	ourcommonnewz.com	thaudray.com ourcommonnewz.com
7	wz.takivi.org	wz.takivi.org
4	my.rtmark.net	thaudray.com ourcommonnewz.com
4	cdnjs.cloudflare.com	wz.takivi.org yourerrorsplug.com
4	maxcdn.bootstrapcdn.com	wz.takivi.org
3	cdn.jsdelivr.net	yourerrorsplug.com
2	yourerrorsplug.com	1 redirects
2	ajax.googleapis.com	wz.takivi.org
1	track.routes.name	ourcommonnewz.com
1	thaudray.com	wz.takivi.org
1	jiforo.com	1 redirects
1	tiny.ke	1 redirects
0	hm.baidu.com Failed	wz.takivi.org
0	widget.supercounters.com Failed	wz.takivi.org
47	14

This site contains no links.

Subject Issuer	Validity	Valid
wz.takivi.org cPanel, Inc. Certification Authority	`2023-11-18` - `2024-02-16`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
thaudray.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
ourcommonnewz.com GTS CA 1P5	`2024-01-11` - `2024-04-10`	3 months	crt.sh
track.routes.name ZeroSSL RSA Domain Secure Site CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
yourerrorsplug.com GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 67F06C3759A91F4A45469F529B435149
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://tiny.ke/PYESFOUNDATION HTTP 301
https://wz.takivi.org/ Page URL
https://wz.takivi.org/go.php Page URL
https://jiforo.com/activate HTTP 302
https://thaudray.com/4/5186603 Page URL
https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z... Page URL
https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z... Page URL
https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrom... Page URL
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgr... HTTP 302
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgr... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

94 %
HTTPS

42 %
IPv6

14
Domains

14
Subdomains

11
IPs

3
Countries

383 kB
Transfer

1209 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tiny.ke/PYESFOUNDATION HTTP 301
https://wz.takivi.org/ Page URL
https://wz.takivi.org/go.php Page URL
https://jiforo.com/activate HTTP 302
https://thaudray.com/4/5186603 Page URL
https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=keyweb%20ag&sub9=desktop&ref_id=775273414075359529&cost=0.000241&oaid=9e25c1c5201af980f18814b74a042aeb Page URL
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tiny.ke/PYESFOUNDATION HTTP 301
https://wz.takivi.org/

Request Chain 18

https://jiforo.com/activate HTTP 302
https://thaudray.com/4/5186603

47 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
wz.takivi.org/
Redirect Chain

https://tiny.ke/PYESFOUNDATION
https://wz.takivi.org/

39 KB
11 KB

541ms
111ms

Document
text/html

162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash: b7c8dd8e039c1d77ff08efce4cf17e8bd4f20a84fbaab4f51b17429ea1c93dcd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 10994
content-type: text/html
date: Sun, 28 Jan 2024 00:51:42 GMT
last-modified: Fri, 26 Jan 2024 22:30:11 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 00:51:41 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
location: https://wz.takivi.org/

GET
H2 200 sa20gb2.js
wz.takivi.org/ 331 B
325 B 111ms
109ms Script
application/javascript 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://wz.takivi.org/sa20gb2.js
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
content-encoding: br
last-modified: Sat, 18 Nov 2023 23:14:31 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 213
expires: Sun, 04 Feb 2024 00:51:42 GMT

GET
H2 200 sa20gb3.js
wz.takivi.org/ 119 B
172 B 112ms
110ms Script
application/javascript 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://wz.takivi.org/sa20gb3.js
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
last-modified: Sat, 18 Nov 2023 23:14:46 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 119
expires: Sun, 04 Feb 2024 00:51:42 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
24 KB 94ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 5082577
cdn-cachedat: 10/31/2023 19:00:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fba254e3da91f749a341ebf2a8f00848
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c53f9dac095c6e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 07:26:38 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ 21 KB
7 KB 73ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 337312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6696
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIqMs51WQ1p5hzunwJEVS71E9HtMhHvubrXR%2FGZvher4UQW2qb31o4Wx2QziKgJisNexUJcaC6AN5NBKmdjoTyWy%2F287fRdTYhK1UyrDbQ0EOX2fcRpZ%2BQ1htCe%2Fljqfy2cE8HzbU5j4ks5myAOKNYU7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c53f9d88c92bca-FRA
expires: Fri, 17 Jan 2025 00:51:42 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 92ms
33ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1075
age: 5163856
cdn-cachedat: 01/04/2023 07:40:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"61f338f870fcd0ff46362ef109d28533"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 483316c42f262c13f1414a0ec9c05fa8
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c53f9dac0b5c6e-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 95ms
37ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1078
age: 6805449
cdn-cachedat: 10/31/2023 18:59:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a99131ed71793c235969f4741b45dd0f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c53f9dac0a5c6e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 90ms
42ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:44:44 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 90ms
32ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1053
age: 6367982
cdn-cachedat: 10/31/2023 19:27:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5869c96cc8f19086aee625d670d741f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84c53f9dac0d5c6e-FRA
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 69ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: wz.takivi.org
URL: https://wz.takivi.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1925384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T81FMgZlg3%2FxduxBOkd9wDZGvRjHjCQBGoDbP1PrAxIJ9OE6MiRYz9vax39jAqShkacIEbV5JaS2azZ6UpoliOSILKp2Fb%2F7mptLEhEy4V19dk7%2BZWkNis%2F5lexBj9w09lRGwG%2FCUnomEWoBJXxfiN2V"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c53f9d88c82bca-FRA
expires: Fri, 17 Jan 2025 00:51:42 GMT

GET
H2 200 pyes1.png
wz.takivi.org/ 7 KB
7 KB 112ms
111ms Image
image/png 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wz.takivi.org/pyes1.png
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
last-modified: Sat, 18 Nov 2023 23:21:27 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7046
expires: Sun, 04 Feb 2024 00:51:42 GMT

GET
H2 200 p.jpg
wz.takivi.org/ 18 KB
18 KB 112ms
112ms Image
image/jpeg 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wz.takivi.org/p.jpg
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
last-modified: Sat, 18 Nov 2023 23:21:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18693
expires: Sun, 04 Feb 2024 00:51:42 GMT

GET
H2 200 pyes2.png
wz.takivi.org/ 52 KB
52 KB 110ms
110ms Image
image/png 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wz.takivi.org/pyes2.png
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wz.takivi.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:42 GMT
last-modified: Sat, 18 Nov 2023 23:21:27 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 52880
expires: Sun, 04 Feb 2024 00:51:42 GMT

GET rxz.png
wz.takivi.org/ 0
0

GET online_i.js
widget.supercounters.com/ssl/ 0
0

GET
H2 200 go.php Show response
wz.takivi.org/ 612 B
483 B 213ms
212ms Document
text/html 162.246.21.210
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://wz.takivi.org/go.php
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/sa20gb3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.246.21.210 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting3005.is.cc
Software: LiteSpeed /
Resource Hash: 30b38cadbfce53aab8409dcb51113d3fb60261d8d0c3f80b6f5dd0f9ffc215a8

Request headers

Referer: https://wz.takivi.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 426
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 00:51:42 GMT
server: LiteSpeed
vary: Accept-Encoding

GET hm.js
hm.baidu.com/ 0
0

GET
H2

200

5186603
thaudray.com/4/
Redirect Chain

https://jiforo.com/activate
https://thaudray.com/4/5186603

2 KB
2 KB

113ms
32ms

Document
text/html

139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://thaudray.com/4/5186603
Requested by: Host: wz.takivi.org
URL: https://wz.takivi.org/go.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Sun, 28 Jan 2024 00:51:43 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ourcommonnewz.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 23dd24e6f66eceee8ef1870bae6b8376

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 00:51:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://thaudray.com/4/5186603
pragma: no-cache
server: LiteSpeed

POST
H2 200 img.gif
my.rtmark.net/ 43 B
505 B 95ms
27ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=ec2e39e01e2f49f9a5cf04aef91ad9fc

Requested by

Host: thaudray.com
URL: https://thaudray.com/4/5186603

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://thaudray.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
ourcommonnewz.com/ 40 KB
14 KB 372ms
300ms Document
text/html 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by: Host: thaudray.com
URL: https://thaudray.com/4/5186603
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cf430b12ec14f64f5d2bdaea071163b9f33f874ff49df5fafe51a73726c36f75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c53fa55bb96ff3-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 00:51:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8O5VeScInxcdq49RmZz9Hwz0vqZORDlCBa%2FTD5AfWqD%2BGdmJy59yVUb3njdJGetyjzfQhlqRE0Z5UJRD8pJd9KmbNoF4fu7At09Eu6j5sBO6mxebt7xwxg8bFN88VdZz9pLfpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 27ms
27ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=9e25c1c5201af980f18814b74a042aeb

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aeb13809f6b33d7f152d50dcfa5e1141072f5a5845ea7a20469ed6e706971deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ourcommonnewz.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
ourcommonnewz.com/pfe/current/ 28 KB
11 KB 51ms
50ms Script
application/javascript 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 00:51:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 09:37:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b22bc5-704a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKMdFnxDWzk%2FjHH9VlKkpoWIG0%2BCxufn%2FYSwFZinVC3Ui13Gaa0kH0hhpl0l%2Bi8tnb1uf4SFVhGVS8oPR1pZrAhTQc2Zw37rE%2BKNPMge8fnBK2OFgBNnaDMRwQbeivQD8pZ4Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 84c53fa74d196ff3-CDG
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 / Show response
ourcommonnewz.com/ 2 B
394 B 53ms
52ms XHR
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3lQ4btmf2vOYv2zUyWb9sptp3UfYOzcBE0nC%2BxJNXVGNkCFgLcYPfVzGqZlE5wIJPUC7U1t2Pa3nmwR7IhfL1wLXjQQiu6vfqX4%2B%2FNBx8cyZ%2BTtGtoQs%2Fv0VP3XFRsOGo67NA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 84c53fa75d1b6ff3-CDG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
ourcommonnewz.com/19/4662728/ 3 KB
2 KB 49ms
49ms XHR
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/19/4662728/?abt_opts=1&var=5186603&var3=775273410149495036&ymid=&rhd=1

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9af03f311ea52887f25502a6be6914758fa01bb9c5e3986f36af1834eea31623

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 4ab9d838ba57d17f87bed7f8eb9d8a50
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k%2FnCHKDdq8KTiN8wPghwYDlhDbbCRA3BHqVrJAbGa%2BDxMPuD9SUnoh3jfcJOiPAKXjWvg%2BKyWaZNkR%2FNm%2B9WXlTxo1g8S7I1SN5LX2Z2iR4gr1xxh9OwxPlXW0oYjaWqjC%2Brg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84c53fa75d296ff3-CDG
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
ourcommonnewz.com/sw-check-permissions/ 0
951 B 48ms
47ms Other
application/javascript 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/sw-check-permissions/4662709?var=5186603&ymid=775273410149495036&uhd=1&zoneId=4662709
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpdQHe6hnS9uEa%2BfpxjomFpkpG9tUBODNyzGbSRqwNwsSRP2r8099WcIkOLe9enwejbGEZS62SolR1JyIv86E7oDpiRXfITLppLimlqSEcFoLCIBC%2FWMn5mNpwcEpf4ck9EwVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 84c53fa7acaa18e6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
ourcommonnewz.com/ 0
536 B 35ms
35ms Ping
text/plain 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ourcommonnewz.com&var=5186603&ymid=775273410149495036&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d32cb044-0a12-4698-9157-a01673b3b6e7&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 8f6cebfd2ca8975155d7f69514f8fcab
date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRRd9jsTX%2FwLrMpNn355XG%2BRlP2IF%2Bm%2FxHn5e57C3b%2BMgnKK%2BoONFItO76sorRex21iexLiqnSQ%2BVHKYNDf7dq06Vku40EpJT%2Fh1NOp8XUC2ob4LQ78m9DYyPpfUrTmRYVtdBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ourcommonnewz.com
access-control-allow-credentials: true
cf-ray: 84c53fa7acad18e6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 28ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=775273410149495036&var=5186603

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aeb13809f6b33d7f152d50dcfa5e1141072f5a5845ea7a20469ed6e706971deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ourcommonnewz.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 rhd
ourcommonnewz.com/ 3 KB
3 KB 117ms
116ms Fetch
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/rhd?rb=G03RGyLuHTdTY8OBeXGNkORjaaOhGPxl6S__-7o7Crrc46emJzGX1xtgbG3Ghivia2FLRlQl08v-U4izY8Cep48DSG0uzULmaceuMd1zdSbdXnq6Z5tepPF8Wb62f8QVTQalAyEexK5VB8jkQXakbU_BXdVdnHbTYG1FvCE1ehHeLXZ0SQvYtYkdqAQFRv0ROk7rEo4B8VRELxfW-Fz7VpfipiFGyfadl_mPnm84dISiu63NBchTWIjnpBKSt7EH2X1JOf-ushVuts5hrTVeGfxO1ohGfNs6Vn0vtsQ8dr0fdEc2YFtklTzi5PSs1ly0ogcsc7xQp916kkyxTDLxutNcesny5a899BVPVRxkjgbsGhOAKCnY-3cneZ8DHUBm-Tw0YNfiL59CGZXHi2nVETG_4hQOdT33VS_swKFJYfWY67TxHty7hUL6h2LdFnm8nOj1NCidqlnj7HlD47fJlVmmKm6TMU2UWa-5g7r3ELRmUR2AaDsyUZmgyLtMiL5rgXvAG8BQLGhvz0EmlHMunLYTY4NHGR06G3OkrXHJyZc%3D&request_ab2=150020&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fourcommonnewz.com%2F%3Fs%3D775273410149495036%26ssk%3Dbaaa447f46c9d033f88f0d2c8e380401%26svar%3D1706403103%26z%3D5186603%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5186603&var3=775273410149495036&ymid=&rhd=1&m=link

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: e8226512eccec73164c1dd8ecd11d520
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eirYiXPQ54qudVuocAW18xNnv0wiBU6p6b%2FdrShkBYCj38fGuBVvkY6QupIPleCWQkpuRIplQn38nvBJ%2BG6M%2FGyz19hjSo656mtfD8hbfaKr9Bi9SmxAV24TKH8fR%2FsMkj264Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84c53fa7bcb218e6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 zone
ourcommonnewz.com/ 797 B
985 B 43ms
43ms Fetch
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ourcommonnewz.com&var=5186603&ymid=775273410149495036&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=d32cb044-0a12-4698-9157-a01673b3b6e7&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:43 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: a0cf2ca0e2cb28abb10241824d09382f
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5bjSTL%2BYc8RnaSGzy9BDzFNVJrTq1yI7xShZE9Un0P9uYmPbqvZO9xOHcx4Lt0tLw6TnW5jCXOWrqiHnWuPBtQSdEuXHcdVJ3WQ5ZECGpjXvVtFrN9XWEgZzmTDuP05%2BGBl6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 84c53fa7bcb418e6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H3 200 / Show response
ourcommonnewz.com/ 40 KB
14 KB 331ms
331ms Document
text/html 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: db7df841d896926d6502af2a0560cd5baf89d53e5e8cc47debc3d08f9f4ff6d7

Request headers

Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c53fa7dccd18e6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 00:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MEbgXkLXjt4e7FsksqgOl9x1ahH65gz4DtPtpR6lxWwWKY1u5UOOhSQA%2Fenj6Cj0gMpGgSqJ0aezl9b1d8gSZCGQmAw0A2zb%2BFl%2FHUKhIBYbVdxJjpV0ywfMMcf3yPbzo3grg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 micro.tag.min.js Show response
ourcommonnewz.com/pfe/current/ 28 KB
11 KB 39ms
38ms Script
application/javascript 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 00:51:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Jan 2024 09:37:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b22bc5-704a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixd3XIPllnXHwpAAkExnuCX%2FTGgCXnEf4jk074NZTPDCR9iMUdSziVo7bq5qsdgjcz4juIhJGmjCDa9OzdlIyg%2FKcQH4c6i0MSYGI3LrdmcXWfD5Zmoh3ZaauU7i48LLlsDvqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 84c53faa0e3218e6-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 / Show response
ourcommonnewz.com/19/4662728/ 3 KB
3 KB 40ms
40ms XHR
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/19/4662728/?abt_opts=1&var=5186603&var3=775273410149495036&ymid=&rhd=1

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e658b25358841d2c3c85e29fb71f3f61d9b1586ccd27b42a453bc3bb294452a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: ebeb05abb7dad85c56daee87c9be5128
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aompH%2BvIy713xEZ3gHug%2F%2FQzv6QrydqVym5zXPIWx5t%2B2Xl98tkPHiER7QQemTQr%2BGnhM1sRmkbVimFgbzCSkoYLdbnP9bMMR3UU8mIxVbK9dSLBFr8HoWwYp8peqJ09voHA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84c53faa0e3418e6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 / Show response
ourcommonnewz.com/ 2 B
534 B 42ms
41ms XHR
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD97y5O6asz0xFteyneuszx0%2FKWuMY7ZAkEIZJ6izLzKS6c5avewl879%2FqCovpH7Uq%2F2WEeaoMIKxDD1xsKTtm%2FMV3mNlyMFQiGDwkOs3QNZfE%2BPE3czp3mRRii6VZXtHbrmHg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 84c53faa1e3b18e6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
ourcommonnewz.com/sw-check-permissions/ 0
954 B 43ms
43ms Other
application/javascript 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ourcommonnewz.com/sw-check-permissions/4662709?var=5186603&ymid=775273410149495036&uhd=1&zoneId=4662709
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiZWmVLcfrTBenNykkiEvz9rbVd4SwFe95Z1RdER3%2BEOYoasJfiP4muLMVSeAPq1uyQQQNfkro%2FsudRPHWrhUl1qWaCaaqZ0%2FE3owx8WrVsnmlyep6UfeAkZHrtpI%2FFIAo0mIA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 84c53faa4e5018e6-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
ourcommonnewz.com/ 0
497 B 33ms
33ms Ping
text/plain 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ourcommonnewz.com&var=5186603&ymid=775273410149495036&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=5739aeb8-5b86-4a78-a1fc-5350194e4f2f&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 420c0a36477840ee9cff3104a9a23c51
date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLN78WeFQYQjTkG7QUVZD5nS6OceZ7oMOABZnnNtOrH%2BxrUzMGDoJLaP34kPXUW5%2FSX6jaX7XaM%2FQ5awW%2BLluyQTlwtnURKtBLNoLdSVLBdh5nZSz80cWbYGMw2Md%2Fna47RecQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ourcommonnewz.com
access-control-allow-credentials: true
cf-ray: 84c53faa4e5318e6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 27ms
27ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=775273410149495036&var=5186603

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aeb13809f6b33d7f152d50dcfa5e1141072f5a5845ea7a20469ed6e706971deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ourcommonnewz.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 rhd Show response
ourcommonnewz.com/ 3 KB
3 KB 52ms
52ms Fetch
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/rhd?rb=whRuvElbZmWkshH43kd2UYRulTmf4UX6dBxhv7Z4V5OOFB82lXqdIn4kbfFkvF5e5uGupszUiSxqlFJdbhMIKnT0CnYKANg95zvxnAL8JtsTwDgm_nq_iRTdE-XvV0XnC3IY7_Kp9Y8CJPYhyw1EpVlPWCBG9AHnbEqZ-CUsnk0YOTCDNc1LdzlaNrmOyjl_RQflD7NeNeUeV0fmG-76LjBPT7o2vrzZl0vMs_d_KfPSWHJryRwMIjZCmHiZf-47JJRcea-0EISSH3tLxlXcsWWX3O_dYbpocgJpW8Mwz6i9xjATTO39xUguk6bhIOmyy3FpgN7Mxlvaf9ZK9O0Xf4Eslr7iZ732aKLax3mFHxULFCnKIPDRPEzb--s-LX5f2S4h_BPdPyBPlHz41GPBjBwP2mNObSaS5ZqJOLKDo1d-14acINX2uoO0DkE8mLzez99beu5BWkQyCUlfipXNrBzqBLX16SpJeY71SEB1klW6jy6ipqhSq4t7mPf5oJJEM9_NaQXcMHroB-hM6LbmarLTNT4Rr0rNiecLTwX4z_GndtiS&request_ab2=150020&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fourcommonnewz.com%2F%3Fs%3D775273410149495036%26ssk%3Dbaaa447f46c9d033f88f0d2c8e380401%26svar%3D1706403103%26z%3D5186603%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fourcommonnewz.com%2F%3Fs%3D775273410149495036%26ssk%3Dbaaa447f46c9d033f88f0d2c8e380401%26svar%3D1706403103%26z%3D5186603%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=5186603&var3=775273410149495036&ymid=&rhd=1&m=link

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e66dcf2be3268a6365904319126b49a659bcc79e61eee02561d4e36c727319c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f791e167a692d1cbd2fba44f95f57996
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B362VqfySwfd4%2BfNMxkifsO0gCT5yLbDM%2FrYHq7ZTkhdDstd4XV1qyAR7atGhond%2F%2FhbZl%2Fyg1bwXrpNWT5Vf%2FivA0pMKSQI9j0glzwM8z0p0DxDa82vCngxOrz5t%2FMsJB4sgA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84c53faa5e5718e6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 zone Show response
ourcommonnewz.com/ 797 B
986 B 42ms
42ms Fetch
application/json 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ourcommonnewz.com&var=5186603&ymid=775273410149495036&var_3=&var_4=&dsig=&tg=1&sw=3.1.477&trace_id=5739aeb8-5b86-4a78-a1fc-5350194e4f2f&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/pfe/current/micro.tag.min.js?z=4662709&ymid=775273410149495036&var=5186603&sw=/sw-check-permissions/4662709&uhd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1418be2bede6dc570dd12e34e0e03392eb1e6c8b35e1214c058873cbc8a2df93

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-trace-id: a4ec2a253710edf290fe6b74303b792c
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nScd7kmY5Yzu0PsPvehneNYIocPPIrNXmlzDHD%2Bj3L%2FSNocIrorSTTJHltL1cbpUy%2FMyXxVnqYYQYvi4m0Itis6Kc3JLJcgupfuHC6eie9ld%2FVkz0%2BGA3RYG3DHGuJQt5oCmPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 84c53faa5e5818e6-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

GET
H/1.1 200
OK 6517545af1a71e0001de416a
track.routes.name/ 934 B
2 KB 195ms
41ms Document
text/html 217.20.112.104
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=keyweb%20ag&sub9=desktop&ref_id=775273414075359529&cost=0.000241&oaid=9e25c1c5201af980f18814b74a042aeb
Requested by: Host: ourcommonnewz.com
URL: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 217.20.112.104 Petershagen, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 934
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jan 2024 00:51:45 GMT
Server: nginx/1.20.2

POST
H3 200 cat.php
ourcommonnewz.com/ 0
761 B 36ms
35ms Ping
text/plain 172.64.134.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ourcommonnewz.com/cat.php?userId=9e25c1c5201af980f18814b74a042aeb&zoneid=4662728&rb=whRuvElbZmWkshH43kd2UYRulTmf4UX6dBxhv7Z4V5OOFB82lXqdIn4kbfFkvF5e5uGupszUiSxqlFJdbhMIKnT0CnYKANg95zvxnAL8JtsTwDgm_nq_iRTdE-XvV0XnC3IY7_Kp9Y8CJPYhyw1EpVlPWCBG9AHnbEqZ-CUsnk0YOTCDNc1LdzlaNrmOyjl_RQflD7NeNeUeV0fmG-76LjBPT7o2vrzZl0vMs_d_KfPSWHJryRwMIjZCmHiZf-47JJRcea-0EISSH3tLxlXcsWWX3O_dYbpocgJpW8Mwz6i9xjATTO39xUguk6bhIOmyy3FpgN7Mxlvaf9ZK9O0Xf4Eslr7iZ732aKLax3mFHxULFCnKIPDRPEzb--s-LX5f2S4h_BPdPyBPlHz41GPBjBwP2mNObSaS5ZqJOLKDo1d-14acINX2uoO0DkE8mLzez99beu5BWkQyCUlfipXNrBzqBLX16SpJeY71SEB1klW6jy6ipqhSq4t7mPf5oJJEM9_NaQXcMHroB-hM6LbmarLTNT4Rr0rNiecLTwX4z_GndtiS&var=5186603&var3=775273410149495036&ymid=&rhd=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.134.5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://ourcommonnewz.com/?s=775273410149495036&ssk=baaa447f46c9d033f88f0d2c8e380401&svar=1706403103&z=5186603&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 00:51:44 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: e4b5518f3e7a8056ac38ffd6a5de5dfb
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9SNXAOTIfF%2F4DIB0Ji%2BHRH7GSAn3THkpCUWwQ4tm0bChoXKHuUGKktM8K4SL%2BtbjsPKhh0gjjl1K3Wnc7jlh5guKZrIzRjGiXpqyoVnzkOUePjMBf1lxPlWzn5jpB6YByAnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ourcommonnewz.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 84c53fada85f18e6-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

Primary Request / Show response
yourerrorsplug.com/l/
Redirect Chain

https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Your+Errors+Pl...
https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichB...

17 KB
8 KB

54ms
53ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb2fb2eb258613336a256d1e1dc1df28c0f1589c8e76f856848b9bc14537e67

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=keyweb%20ag&sub9=desktop&ref_id=775273414075359529&cost=0.000241&oaid=9e25c1c5201af980f18814b74a042aeb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 84c53fafe8e06f6f-CDG
content-encoding: br
content-type: text/html;charset=UTF-8
date: Sun, 28 Jan 2024 00:51:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQi%2B4yOpHneQWIDlJ%2BBi%2Fk%2FOJ1d1QPGwFMpaUbbJj4Zf6ZHK1ahxk9u3cYn5S2sOpsbVv%2F4L1jMFyHUqbIqCc2yDLrdCqpKJJ4V4iArZ59T6JMek4iQDR4%2FFM8gAOfkqpxONON4OUxjaNd3%2B225vfNU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 84c53fafa8c36f6f-CDG
content-length: 0
date: Sun, 28 Jan 2024 00:51:45 GMT
location: https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtQHVAI5RlKWFN1o3ztcYPJ8D92FNR3afzEF%2BL%2Fc6BVLYbGulh0StD9yM8ix3oPZyCioVWzdHItfFwCGInhmwXVdMPAfY8Db98EIplAssrDVDtno6zOITgpRIrpdYd6r734Fa3B7Z5sSk0I4gnpitJs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 71ms
29ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: yourerrorsplug.com
URL: https://yourerrorsplug.com/l/?a=domain-ab&utm_source=3&utm_campaign=65b5a5216a6dad0001c091fe&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Your+Errors+Plug+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourerrorsplug.com/
Origin: https://yourerrorsplug.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5258776
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvlNTgAIcXlF50fiesR0AAEiysW%2FXF8inKfvX1hhxhrvQRo5OcYwJz4DGNRid%2FphwZxg%2FnqbSN7CcqAbJRmJnLVMDBirYfoKOK9MTqAdvPq8kV045guNlm3QS2xzU7UqkMqgc2hpmUd7W5OVqmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c53fb07ba03a80-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 79 KB
11 KB 75ms
29ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yourerrorsplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16761
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220090-FRA, cache-lga21931-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMMCPb2ri7yHnhbqfKidvtdxR8JIX1RQ2O%2BaCfR3yzDgXFOJf7HHdb1YS585uzPR7FkIvd6Q3Oh4kJ8SvCqGIe422uNL31m4OnoiN8Z%2F6j0jEeBYXuRc232XS1v23SFXIf1ZldlRqgBHLI0eVoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c53fb0897d65c7-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
23 KB 73ms
31ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yourerrorsplug.com/
Origin: https://yourerrorsplug.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6891681
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnQJpDgXWi4W7viTuYbIVI7m%2BKr741nyC27qMddagDrXqiIucZPDJBPMdHUCbYbgY%2FQY9A%2FGBZYRHlxf7gMDPjxkIPZrGGzz%2FBtoZ51UwxB3wPBVkmrP3%2BTwFXcj%2FHBL%2Fw%2ByYfI4abtG2OJiEIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84c53fb07ba13a80-FRA

GET
H3 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ 14 KB
6 KB 50ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://yourerrorsplug.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7582070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBc8K9T2qklJxvJJWcW3C5UnJ1O93nu56csdEeBXe%2BJELAHvW%2BG8isXYVdP8CSRwAFRh7Zn5Zu1U4XQ7rhbr%2F6y9wnobb0OIzCTyQTolh4FSbZ00K%2BiqeQymYYXftqXkwwov5zxG5NDljC0IP1CW1d27"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c53fb0586b9948-FRA
expires: Fri, 17 Jan 2025 00:51:45 GMT

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ 3 KB
3 KB 27ms
26ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yourerrorsplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5246461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9q4p%2BCm1M1r%2BEjbvwryv2eZVJS%2BvDY7eHaHgGlCpvpyvsXa4tLm7oZXXagNdPR1HD6MNlFuTc2glSugPCLxCa5V%2FX42LGQG6fa6wiY9mwQkC%2FiIr25c6GgmMj%2BalByov2Rs2SkoA2evarQyL%2FTqhPU0"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c53fb0d9172bca-FRA
expires: Fri, 17 Jan 2025 00:51:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wz.takivi.org
URL: https://wz.takivi.org/rxz.png

Domain: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?96203ca5188c89396572f4c329976446

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tiny.ke/	1969-12-31 23:59:59	Name: PHPSESSID Value: d39a07b9eb6c39b17ee94520f075b14d
tiny.ke/	1970-01-20 18:00:04	Name: short_4 Value: 1
jiforo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: e38fe6683e869ec8b26c4ecb03645681
thaudray.com/	1970-01-21 02:45:39	Name: OAID Value: ec2e39e01e2f49f9a5cf04aef91ad9fc
thaudray.com/	1970-01-21 02:45:39	Name: oaidts Value: 1706403103
my.rtmark.net/	1970-01-21 02:45:39	Name: ID Value: ec2e39e01e2f49f9a5cf04aef91ad9fc
ourcommonnewz.com/	1970-01-21 02:45:39	Name: oaidts Value: 1706403103
ourcommonnewz.com/	1970-01-21 03:36:03	Name: syncedCookie Value: true
ourcommonnewz.com/	1970-01-21 02:45:39	Name: OAID Value: 9e25c1c5201af980f18814b74a042aeb
ourcommonnewz.com/	1970-01-20 18:00:03	Name: prefetchAd_4662728 Value: true
ourcommonnewz.com/	1970-01-20 18:00:06	Name: reverse Value: gnyuLNXmYx1u8u_wOc8gP1EylmxtkMCKC1aKK4-8G9s
.track.routes.name/	1970-01-20 18:01:29	Name: redcmps Value: W3siaWQiOiI2NTE3NTQ1YWYxYTcxZTAwMDFkZTQxNmEiLCJ0IjoiMjAyNC0wMS0yOFQwMDo1MTo0NS4wNjkyNDcyOVoifV0=
.track.routes.name/	1970-01-21 02:45:39	Name: redhash Value: NjViNWE1MjE2YTZkYWQwMDAxYzA5MWZlfDB8NjUxNzU0NWFmMWE3MWUwMDAxZGU0MTZhfHxmYzIyMGEwYi1mMGMxLTQ4MTEtODI4Ni1kMTg2NDMwMTZlZmF8MTcwNjQwMzEwNQ==
.yourerrorsplug.com/	1970-01-20 18:08:48	Name: vcid Value: 65b5a5216a6dad0001c091fe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
hm.baidu.com
jiforo.com
maxcdn.bootstrapcdn.com
my.rtmark.net
ourcommonnewz.com
thaudray.com
tiny.ke
track.routes.name
widget.supercounters.com
wz.takivi.org
yourerrorsplug.com
hm.baidu.com
widget.supercounters.com
wz.takivi.org
139.45.195.8
139.45.197.237
162.246.21.210
162.246.22.203
172.64.134.5
174.138.183.242
217.20.112.104
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:831::200a
2a06:98c1:3120::3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1418be2bede6dc570dd12e34e0e03392eb1e6c8b35e1214c058873cbc8a2df93
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
30b38cadbfce53aab8409dcb51113d3fb60261d8d0c3f80b6f5dd0f9ffc215a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
8eb2fb2eb258613336a256d1e1dc1df28c0f1589c8e76f856848b9bc14537e67
9af03f311ea52887f25502a6be6914758fa01bb9c5e3986f36af1834eea31623
aeb13809f6b33d7f152d50dcfa5e1141072f5a5845ea7a20469ed6e706971deb
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b7c8dd8e039c1d77ff08efce4cf17e8bd4f20a84fbaab4f51b17429ea1c93dcd
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cc5f2967a33d6cd3df5091e31bd1fecb3d19094ba3f563fe26287a8ce7117b7f
cf430b12ec14f64f5d2bdaea071163b9f33f874ff49df5fafe51a73726c36f75
db7df841d896926d6502af2a0560cd5baf89d53e5e8cc47debc3d08f9f4ff6d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e658b25358841d2c3c85e29fb71f3f61d9b1586ccd27b42a453bc3bb294452a5
e66dcf2be3268a6365904319126b49a659bcc79e61eee02561d4e36c727319c4
eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

yourerrorsplug.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

94 %HTTPS

42 %IPv6

14 Domains

14 Subdomains

11 IPs

3 Countries

383 kBTransfer

1209 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yourerrorsplug.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

94 %
HTTPS

42 %
IPv6

14
Domains

14
Subdomains

11
IPs

3
Countries

383 kB
Transfer

1209 kB
Size

14
Cookies

47 HTTP transactions
4 data transactions