playzhim.com.atlaq.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://playzhim.com.atlaq.com/
Submission: On August 21 via manual (August 21st 2023, 8:40:23 am UTC) from CH — Scanned from NL

Summary HTTP 60 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 23 domains to perform 60 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is playzhim.com.atlaq.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 26th 2023. Valid for: a year.

This is the only time playzhim.com.atlaq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1 2	35.214.213.233 35.214.213.233	15169 (GOOGLE) (GOOGLE)
1 2	89.46.108.66 89.46.108.66	31034 (ARUBA-ASN) (ARUBA-ASN)
1	46.254.38.46 46.254.38.46	52030 (SERVERPLA...) (SERVERPLAN-AS)
1	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	168.168.48.226 168.168.48.226	21874 (MMC) (MMC)
7	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
9	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
3	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:644	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	22

8 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

playzhim.com.atlaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
atlaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alwingulla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.213.233 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 233.213.214.35.bc.googleusercontent.com

mondobalneare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mondobalneare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.46.108.66 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: webx1322.aruba.it

moneygoals.srl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.moneygoals.srl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.254.38.46 (Rome, Italy)

ASN52030 (SERVERPLAN-AS, IT)
PTR: v00clm-codi.sphostserver.com

musicusata.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

myjazzedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.168.48.226 (Ascension Island)

ASN21874 (MMC, US)
PTR: www.mymarsh.it

mymarsh.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

veepteero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eedsaung.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

ibrapush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

ossmightyenar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

offshuppetchan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:644 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ibrapush.com ibrapush.com — Cisco Umbrella Rank: 135592	41 KB
7	atlaq.com playzhim.com.atlaq.com atlaq.com — Cisco Umbrella Rank: 429204	388 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 104272	158 KB
5	eedsaung.net eedsaung.net — Cisco Umbrella Rank: 26006	148 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 12711	35 KB
3	offshuppetchan.com offshuppetchan.com — Cisco Umbrella Rank: 36213	32 KB
3	ossmightyenar.net ossmightyenar.net — Cisco Umbrella Rank: 77420	35 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9422	1 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 8506	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	410 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2706 www.google.com — Cisco Umbrella Rank: 3	667 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	veepteero.com veepteero.com — Cisco Umbrella Rank: 154203	4 KB
2	moneygoals.srl 1 redirects moneygoals.srl www.moneygoals.srl	119 B
2	mondobalneare.com 1 redirects mondobalneare.com www.mondobalneare.com	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	134 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 14963	492 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 16005	7 KB
1	mymarsh.it mymarsh.it
1	myjazzedge.com myjazzedge.com	512 B
1	musicusata.it musicusata.it	234 B
1	alwingulla.com alwingulla.com — Cisco Umbrella Rank: 175274	22 KB
0	alexa.com Failed traffic.alexa.com Failed
60	23

	Domain	Requested by
9	ibrapush.com	alwingulla.com ibrapush.com playzhim.com.atlaq.com
5	interstitial-08.com	eedsaung.net interstitial-08.com
5	eedsaung.net	alwingulla.com eedsaung.net
4	littlecdn.com	interstitial-08.com
4	atlaq.com	playzhim.com.atlaq.com
3	offshuppetchan.com	alwingulla.com offshuppetchan.com
3	ossmightyenar.net	alwingulla.com ossmightyenar.net
3	playzhim.com.atlaq.com	playzhim.com.atlaq.com
2	my.rtmark.net	alwingulla.com playzhim.com.atlaq.com
2	www.google.nl	playzhim.com.atlaq.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	veepteero.com	alwingulla.com
2	www.googletagmanager.com	playzhim.com.atlaq.com www.googletagmanager.com
1	fleraprt.com	tzegilo.com
1	tzegilo.com	offshuppetchan.com
1	www.google.com	playzhim.com.atlaq.com
1	region1.analytics.google.com	www.googletagmanager.com
1	mymarsh.it	playzhim.com.atlaq.com
1	myjazzedge.com	playzhim.com.atlaq.com
1	musicusata.it	playzhim.com.atlaq.com
1	www.moneygoals.srl	playzhim.com.atlaq.com
1	moneygoals.srl	1 redirects
1	www.mondobalneare.com	playzhim.com.atlaq.com
1	mondobalneare.com	1 redirects
1	alwingulla.com	playzhim.com.atlaq.com
0	traffic.alexa.com Failed	playzhim.com.atlaq.com
60	27

This site contains links to these domains. Also see Links.

Domain
atlaq.com
www.godaddy.com
mondobalneare.com.atlaq.com
moneygoals.srl.atlaq.com
musicusata.it.atlaq.com
myjazzedge.com.atlaq.com
mymarsh.it.atlaq.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
atlaq.com Cloudflare Inc ECC CA-3	`2023-04-26` - `2024-04-25`	a year	crt.sh
alwingulla.com GTS CA 1P5	`2023-07-20` - `2023-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
musicusata.it RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
myjazzedge.com Cloudflare Inc ECC CA-3	`2023-01-01` - `2024-01-01`	a year	crt.sh
www.mymarsh.it COMODO RSA Organization Validation Secure Server CA	`2023-04-16` - `2024-04-15`	a year	crt.sh
veepteero.com R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
ibrapush.com R3	`2023-06-07` - `2023-09-05`	3 months	crt.sh
ossmightyenar.net R3	`2023-06-22` - `2023-09-20`	3 months	crt.sh
offshuppetchan.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
eedsaung.net R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
interstitial-08.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://playzhim.com.atlaq.com/
Frame ID: E996A8FC3289FF359EA7D1AE33C0249F
Requests: 46 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: FC5504A03BD35F4C24840033804C7544
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

playzhim.com - Home Page

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

60
Requests

93 %
HTTPS

43 %
IPv6

23
Domains

27
Subdomains

22
IPs

7
Countries

1030 kB
Transfer

1925 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://atlaq.com/

Search URL Search Domain Scan URL

URL: http://www.godaddy.com/
Title: GoDaddy.com, LLC

Search URL Search Domain Scan URL

URL: https://mondobalneare.com.atlaq.com/
Title: Mondobalneare

Search URL Search Domain Scan URL

URL: http://moneygoals.srl.atlaq.com/
Title: Moneygoals

Search URL Search Domain Scan URL

URL: http://musicusata.it.atlaq.com/
Title: Musicusata

Search URL Search Domain Scan URL

URL: https://myjazzedge.com.atlaq.com/
Title: Myjazzedge

Search URL Search Domain Scan URL

URL: http://mymarsh.it.atlaq.com/
Title: Mymarsh

Search URL Search Domain Scan URL

URL: https://atlaq.com/Privacy-Policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://atlaq.com/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://atlaq.com/Disclosure
Title: Disclosure

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GoATLAQ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/goATLAQ/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/goatlaq

Search URL Search Domain Scan URL

URL: https://twitter.com/GetAtlaq

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://mondobalneare.com/favicon.ico HTTP 302
https://www.mondobalneare.com/wp-content/uploads/2019/05/cropped-mondo-balneare-icon-32x32.png

Request Chain 8

https://moneygoals.srl/favicon.ico HTTP 301
https://www.moneygoals.srl/favicon.ico

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
playzhim.com.atlaq.com/ 26 KB
8 KB 778ms
716ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a913124089c51c2399dd66aa9f3125bb11a0780d3254fb5916ae084a0181b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=2592000
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-ray: 7fa1920128522bf7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 08:40:17 GMT
expires: Wed, 20 Sep 2023 08:05:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS3rp6YtpK470hm9NKYgzyJIk5nBUhHcVHrv6oRzB4leh%2F2yGZB4PLG2eZAj2%2Bc0hidZUuINKjV%2BR0sVNLGDhyOOc4o9i3EkACFfs4umuPwVeRCZMRJAGv%2FfCXbnUm5zjraz0QqjL8rQyV2cf48dNNDLpqq7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET graph
traffic.alexa.com/ 0
0

GET
H2 200 style.css
atlaq.com/ 48 KB
18 KB 42ms
28ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://atlaq.com/style.css

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f807cd9d5d8475f4ec107c17a62318927277940eb8bfe1d386ec97ad4cb9f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:17 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933755
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCcgjMkJd0ymhWtXhv0coBIojDizbXkMU5Gx7PYlV77DEO78gye%2BTZgxdQ%2B0nxVUrK2m3o9aUzio4MkdIcRB1Yhod3grNzSsxCSWv2V0kqV4jLa5MdX7XewcYBHj1%2BZ5iFfJ0onYcaU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 7fa19207884a2bf7-FRA
expires: Sat, 09 Sep 2023 13:17:41 GMT

GET
H2 200 tag.min.js Show response
alwingulla.com/88/ 69 KB
22 KB 95ms
30ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://alwingulla.com/88/tag.min.js
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834e2ce15c23b74e6ab4ff40fc5371c2e5c70958ac684540d9e2aaebcc2e8161

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37860
alt-svc: h3=":443"; ma=86400
x-trace-id: dfb45785e23ae8e871bb6f52cddc56dc
pragma: no-cache
last-modified: Thu, 17 Aug 2023 04:14:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRYxi0VmaqIZP7Cyw2VXcn0ZGH3k96%2BVQu6L%2B1svEsLD33Jdfv4eQoQk4eLQqbz1BZBnI7NGzZryZA1MHau3XLhvlOq%2BIjJQ8OMrLn7iEqlWZ85F%2Bq2htt7DRrrh2zJsI17aGzijVgWbeT282w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7fa19207dbca4daa-FRA
expires: Mon, 21 Aug 2023 22:09:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 84ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-85346163-2

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dbfa89441cd176227b1f09f2f139e21ce280ba5f29b7c4d34de172d6bf38f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 08:40:17 GMT

GET
DATA 200
OK truncated
/ 743 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a41faa8cef68b072f882071ffefa745a70a472fd60bd33e7dac96e44f5f4c6ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
atlaq.com/ 115 KB
115 KB 30ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://atlaq.com/logo.png

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:17 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933492
alt-svc: h3=":443"; ma=86400
content-length: 117433
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
server: cloudflare
vary: User-Agent,Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REujApBxNGqztJ7eRAAZak3fsLSB4%2FxOCJTEApOaAbJeXptnYAIygKi8%2Fvdgp4%2BcsWxyEMpvEik9uOkiOntKdbv4eQcn7WTp7XuWMkqmKRxGixFqUuSN9MxP6I6obwXgm2CfI%2BbFXQk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7fa1920798772bf7-FRA
expires: Fri, 09 Aug 2024 13:22:05 GMT

GET
H2

200

cropped-mondo-balneare-icon-32x32.png
www.mondobalneare.com/wp-content/uploads/2019/05/
Redirect Chain

https://mondobalneare.com/favicon.ico
https://www.mondobalneare.com/wp-content/uploads/2019/05/cropped-mondo-balneare-icon-32x32.png

1 KB
2 KB

79ms
25ms

Image
image/png

35.214.213.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mondobalneare.com/wp-content/uploads/2019/05/cropped-mondo-balneare-icon-32x32.png
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: H2
Server: 35.214.213.233 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 233.213.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc35da1a635dd9b9aff1d7b10cde56896aef1e9a7cc77cf1d7a6accc59b22459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
last-modified: Fri, 10 May 2019 16:40:00 GMT
server: nginx
etag: "5f8-5888b37b51800"
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_PRIVATE
content-type: image/png
x-httpd: 1
cache-control: private
accept-ranges: bytes
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 1528
x-proxy-cache: MISS

Redirect headers

date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx
x-redirect-by: WordPress
x-proxy-cache-info: 0302 NC:000000 UP:SKIP_CACHE_PRIVATE
content-type: text/html; charset=UTF-8
location: https://www.mondobalneare.com/wp-content/uploads/2019/05/cropped-mondo-balneare-icon-32x32.png
x-httpd: 1
cache-control: private
host-header: 6b7412fb82ca5edfd0917e3957f05d89
link: <https://www.mondobalneare.com/wp-json/>; rel="https://api.w.org/"
x-proxy-cache: MISS

GET
H2

404

favicon.ico
www.moneygoals.srl/
Redirect Chain

https://moneygoals.srl/favicon.ico
https://www.moneygoals.srl/favicon.ico

0
0

111ms
59ms

Image
text/html

89.46.108.66
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.moneygoals.srl/favicon.ico
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: H2
Server: 89.46.108.66 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1322.aruba.it
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location: https://www.moneygoals.srl/favicon.ico
x-servername: ipvsproxy161.ad.aruba.it
date: Mon, 21 Aug 2023 08:40:18 GMT
server: aruba-proxy
content-type: text/html

GET
H2 200 favicon.ico
musicusata.it/ 1 KB
234 B 279ms
59ms Image
image/x-icon 46.254.38.46
SERVERPLAN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://musicusata.it/favicon.ico
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.254.38.46 Rome, Italy, ASN52030 (SERVERPLAN-AS, IT),
Reverse DNS: v00clm-codi.sphostserver.com
Software: Apache /
Resource Hash: 3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
last-modified: Sat, 12 Jun 2021 22:15:05 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
accept-ranges: bytes
content-length: 109

GET
H2 200 favicon.ico
myjazzedge.com/ 0
512 B 590ms
520ms Image
image/x-icon 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myjazzedge.com/favicon.ico
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-wpe-request-id: 9a7c8b24869a80e63535af249d195abe
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Tue, 15 Aug 2023 21:32:17 GMT
server: cloudflare
etag: "64dbeee1-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gN8%2BBwqfCYGFC3Fw%2FypBByX32FVhA2H0Q2IpjQwF66Ku%2BHbiKE1Smhmz78x6Gfh1umPulUWhR6%2Fky21H47U%2BDzBQy1ySgecTukhBggpbzk91ZcJ2ABxdEXBFKNe6ystW"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fa192080c7f366b-FRA

GET
H/1.1 404
Not Found favicon.ico
mymarsh.it/ 0
0 867ms
104ms Image
text/html 168.168.48.226
MMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mymarsh.it/favicon.ico
Requested by: Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 168.168.48.226 , Ascension Island, ASN21874 (MMC, US),
Reverse DNS: www.mymarsh.it
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 badk.txt Show response
playzhim.com.atlaq.com/ 43 KB
14 KB 633ms
632ms Fetch
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playzhim.com.atlaq.com/badk.txt

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
server: cloudflare
cf-railgun: direct (waiting for pending WAN connection)
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RQsSuE0vq7Z4AzYvLfzcLsqtZLGE53%2Fx34tSxcHdN9qsH0CEFgSBFs0oJYMqFdaOswKK6rBU%2FtwtwwpVEOecgJhmbcxQBxE7iDmA3tizWdwJtwSxwhYcGebDaycLkiuYgpg1QGdG7HM1iOCm9R%2FJao7htJm"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
cf-ray: 7fa1920809102bf7-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
expires: Wed, 20 Sep 2023 08:40:16 GMT

GET
H2 200 1310 Show response
veepteero.com/88/ 3 KB
2 KB 96ms
16ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://veepteero.com/88/1310
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6bf15f50de06f31bfe1aa13f350827c902bbad10679c39d32a16f962850fb02b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
85 KB 37ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85346163-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae8fffba093737e5f972224e1a9a3b34ae2dc532cf8d9108a4545566d181876f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 21 Aug 2023 08:40:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85346163-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Aug 2023 07:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3035
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 21 Aug 2023 09:49:43 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 61ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je38g0&_p=1103266574&_gaz=1&cid=980917811.1692607218&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692607218&sct=1&seg=0&dl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&dt=playzhim.com%20-%20Home%20Page&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 65ms
22ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FPZ0VEL1WQ&cid=980917811.1692607218&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 94ms
45ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=980917811.1692607218&gtm=45je38g0&aip=1&z=584578994

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
549 B 52ms
15ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=fdff7fbb721243c480058ac09ffe90f6

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a4574f4cb236c2f61da86ed49d2c8e50e16d9b62010b3dff83a1b12dd549a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 tag.min.js Show response
ibrapush.com/pfe/current/ 13 KB
6 KB 71ms
19ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ibrapush.com/pfe/current/tag.min.js?z=6159542
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9248f5602f140185b4b11ffde8982a2a3886c2f40602c26a7aaeb8bba4806f38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 13:08:32 GMT
server: nginx
etag: W/"64df6d50-338c"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect

GET
H2 200 6159541 Show response
ossmightyenar.net/401/ 88 KB
34 KB 85ms
34ms Script
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ossmightyenar.net/401/6159541

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b22616ae4c019e32dc25954c9eff5f316c30e4e3ed4e8f5798d0996629f49276

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 4c369dc2fb9e9da7739179621861fbc0
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 6159539 Show response
offshuppetchan.com/400/ 82 KB
31 KB 74ms
27ms Script
application/javascript 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offshuppetchan.com/400/6159539

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3b2ba18850ca8c49dbf1d674a27c2e7f4817594a73e926f29dc2de36661eb627

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: f55b2ec6ac8dd7528c5626832430df4f
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
eedsaung.net/ 42 KB
16 KB 72ms
26ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/1?z=6159540
Requested by: Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: de05a6b410fc5f239f73a88ce48dd1bd77e3ade8379e5c5eae38aaa5845a5fe5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: cceadd099abceeae4d6e37e6fda3bb82
pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
x-sc: xxEZwEr8Cz3c1Euxa_W0UeZkEpqgOdgwmWlQ-TQhXzRydlXUaAuejgxf9bR0B0uGlUktt2Haj-3ZuCg-U_YEXaj5c2A=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 36ms
34ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1103266574&t=pageview&_s=1&dl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&ul=en-us&de=UTF-8&dt=playzhim.com%20-%20Home%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1660903074&gjid=394768568&cid=980917811.1692607218&tid=UA-85346163-2&_gid=609217712.1692607218&_r=1&gtm=457e38g0&jsscut=1&z=2055367926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-85346163-2&cid=980917811.1692607218&jid=1660903074&gjid=394768568&_gid=609217712.1692607218&_u=YADAAUAAAAAAACAAI~&z=1732483108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 21 Aug 2023 08:40:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
veepteero.com/ 1 KB
2 KB 102ms
16ms Fetch
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://veepteero.com/?rb=PxNM5P1Wb5dOyTZpyff5Dhk8jvGv78rx5BMIfBJr0SZ0m3DJXU_y7YF9xNB2YZklfcuSir3o6g35KeCXdQpR4HDGWvj0SwiESbdmU17cXqpl_FuC8E2CY40J9ZUKYiCulOzoMNUCDL-Z9rL7yb1SsdXWrJ-ejsUvjB2lVDE2KiXhLnadvZpdUZXCWfO-BPGxbJLtwNYNiO7KC0BJXes3q2DfY1vbzLd7HDHcv73m5WEd_-J_QzDH1z3EQphMl9oOBHR-DSEizp2pmgn50QeO5n3AqQL1nS9VVP4DSA%3D%3D&request_ab2=0&zoneid=6159538&js_build=iclick-v1.590.1-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.590.1-auto&bs=192df551-b674-4178-9c05-a00cc259d187&userId=fdff7fbb721243c480058ac09ffe90f6&m=link

Requested by

Host: alwingulla.com
URL: https://alwingulla.com/88/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

192a30c1213ff7d065072905c687e8cc6d5ceafd7d70ace96321b1d2fb8f2c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 05763ba08b8e4e2070e539e64f4f09a6
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 zone Show response
ibrapush.com/ 882 B
1 KB 16ms
15ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibrapush.com/zone?pub=0&zone_id=6159542&is_mobile=false&domain=playzhim.com.atlaq.com&var=&ymid=&var_3=

Requested by

Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6159542

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f27b22e45e4667654ec338929b428f7dd883bcbce30aa6b644d8f97b524987c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 173c9325581bf35b8a98f1584d49bdfc
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 882

GET
H2 200 universal.min.js Show response
ibrapush.com/pfe/current/ 85 KB
33 KB 43ms
13ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ibrapush.com/pfe/current/universal.min.js?v=3.1.450
Requested by: Host: ibrapush.com
URL: https://ibrapush.com/pfe/current/tag.min.js?z=6159542
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ab43713e8d01640060652696ea16c0b7e6fa7ca0476413466a376ab82e58d254

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 13:08:32 GMT
server: nginx
etag: W/"64df6d50-155a7"
content-type: application/javascript
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 104ms
45ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85346163-2&cid=980917811.1692607218&jid=1660903074&_u=YADAAUAAAAAAACAAI~&z=98239722

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 48ms
46ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-85346163-2&cid=980917811.1692607218&jid=1660903074&_u=YADAAUAAAAAAACAAI~&z=98239722

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6fa5b21afd493e118e13c7bbdb2ef3a3 Show response
eedsaung.net/27/ 403 KB
128 KB 18ms
17ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eedsaung.net/27/6fa5b21afd493e118e13c7bbdb2ef3a3

Requested by

Host: eedsaung.net
URL: https://eedsaung.net/1?z=6159540

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

dde8aed668f935bf1d484dd072305b5bf909ced8d439d74fb87034765d17cbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: da15c909633431b61ab0f5dead433329
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Fri, 11 Aug 2023 04:24:08 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Fri, 10 Sep 2083 04:24:08 GMT

GET
H3 200 logo.png
atlaq.com/ 115 KB
115 KB 38ms
37ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://atlaq.com/logo.png

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 934051
alt-svc: h3=":443"; ma=86400
content-length: 117433
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
server: cloudflare
vary: User-Agent,Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPCHU2aaJMsrIcLJdpL4g2BL%2BsOVo1enCtz5Kei4R31z2b39zDSq4ou15yM0WuUaSP4fFviQ6ojys5kyQUpjBR6ihssg0pO%2FGiaMCqEG05mTSIiR5KXZRDxwQzr%2BFeBUVj%2BShLqNw7w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7fa1920a0baa1cbb-FRA
expires: Fri, 09 Aug 2024 13:12:47 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 351ms
28ms Script
application/javascript 2606:4700:3036::6815:644
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: offshuppetchan.com
URL: https://offshuppetchan.com/400/6159539
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2753
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdLTT7G%2F0r17VpRn5a1PI3dSWdpIdqr0FWdcHR%2FLkK%2FaSAPTTXYJmig9u%2BKfYKJRm0qqWAyfCfjxPODbFktMQYo4FLgNGxlYYAar0CTx%2BZ2AxovTqtcR6uD1Pyb3g%2FI14gGLBS9Xw4mv1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fa1920c5aba3807-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H2 200 9 Show response
eedsaung.net/ 6 KB
3 KB 22ms
21ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=6159540&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=fdff7fbb721243c480058ac09ffe90f6
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/6fa5b21afd493e118e13c7bbdb2ef3a3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89223a752ac1ae7f9c5968bf535abcff676b081b23d69d08a818af1271e7566a

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f105bd9cf7b3f266712cb7b8ff001453
pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 6159539 Show response
offshuppetchan.com/500/ 0
588 B 54ms
54ms XHR
text/plain 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://offshuppetchan.com/500/6159539?excludes=&oaid=fdff7fbb721243c480058ac09ffe90f6&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Requested by

Host: offshuppetchan.com
URL: https://offshuppetchan.com/400/6159539

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 8e4b7ec85c3cd5ea664162ba11c7db3e
pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 204 6159541 Show response
ossmightyenar.net/500/ 0
588 B 32ms
28ms XHR
text/plain 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ossmightyenar.net/500/6159541?excludes=&oaid=fdff7fbb721243c480058ac09ffe90f6&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=3

Requested by

Host: ossmightyenar.net
URL: https://ossmightyenar.net/401/6159541

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 21861344e05bf93d7fd3b12936ce2852
pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
vary: Origin
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 204 9
eedsaung.net/ Frame 0
0 40ms
13ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/9?z=6159540&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=fdff7fbb721243c480058ac09ffe90f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://playzhim.com.atlaq.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Mon, 21 Aug 2023 08:40:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

OPTIONS
H2 200 6159539
offshuppetchan.com/500/ Frame 0
0 45ms
13ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

OPTIONS
H2 200 6159541
ossmightyenar.net/500/ Frame 0
0 69ms
14ms Preflight 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 11 Show response
eedsaung.net/ 0
600 B 17ms
16ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eedsaung.net/11?rnd=1250964303&z=6159540&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=fK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY=&ruid=ccd78fd2-86eb-4bf0-8c06-73410069e229&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fplayzhim.com.atlaq.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=148
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/6fa5b21afd493e118e13c7bbdb2ef3a3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-trace-id: 6ce2d8fae68a506c9aa4155adf6ede9d
pragma: no-cache
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame FC55 21 KB
5 KB 121ms
71ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by: Host: eedsaung.net
URL: https://eedsaung.net/27/6fa5b21afd493e118e13c7bbdb2ef3a3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.24
Resource Hash: 0393c9fa43283533a6f817ae34bbfba69dc76997b72f48ad617d42093ad68db8

Request headers

Referer: https://playzhim.com.atlaq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

POST
H2 200 custom Show response
ibrapush.com/ 39 B
330 B 21ms
20ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibrapush.com/custom

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f93090339ef4c0bd95a061c30fd874f6
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sw.js Show response
playzhim.com.atlaq.com/ 5 KB
3 KB 391ms
390ms Fetch
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://playzhim.com.atlaq.com/sw.js

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fee5eb745ab3f5e44914bdd6053be4d8cbc9165e1c1bb014e5d199930f84fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:19 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Jul 2023 06:50:27 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent,Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpFzLtBFdkhs87o%2B4goWyoRntkxUiQW95gDy1CLcP4n2r%2Bl9Nf9PuD0oyWvLE2hI3yZ6Vqw0NDuI4vbEKcpNcSfObbjWX7g5UPrrZE5Wdhz8Hm4uCAufY5A4za78TYLRubd%2BHpiI8vTFAWS2lTAHNPVXgd75"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 7fa1920c9ee01cbb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
expires: Mon, 28 Aug 2023 08:40:18 GMT

OPTIONS
H2 200 custom
ibrapush.com/ Frame 0
0 18ms
17ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ibrapush.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
492 B 68ms
22ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 21 Aug 2023 08:41:16 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://playzhim.com.atlaq.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H3 200 logo.png
atlaq.com/ 115 KB
115 KB 27ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://atlaq.com/logo.png

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 934051
alt-svc: h3=":443"; ma=86400
content-length: 117433
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
server: cloudflare
vary: User-Agent,Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsI7BmFSMJyinQ4hQjVyro8HD3bAPE%2BjNK8Yb4eV1RATq3RSLtJTq9%2BZJcZDD6uiJFM2CBVYM3mQJ6IZDtQ9Ma4S878XEDFsJUxkWKX21mBnnm%2BZziVhwNVFhsHkg4%2F0%2Bx1T5Gm84SE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7fa1920d0f6a1cbb-FRA
expires: Fri, 09 Aug 2024 13:12:47 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame FC55 12 KB
3 KB 96ms
36ms Stylesheet
text/css 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
age: 6050
etag: W/"64d6433f-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7fa1920daa7abb74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame FC55 3 KB
3 KB 102ms
42ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
cf-cache-status: HIT
age: 6050
content-length: 3429
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
etag: "64d6433f-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7fa1920daa7fbb74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame FC55 52 KB
53 KB 37ms
17ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame FC55 14 KB
15 KB 50ms
30ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame FC55 35 KB
35 KB 50ms
30ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame FC55 49 KB
50 KB 51ms
31ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame FC55 28 KB
28 KB 71ms
39ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
cf-cache-status: HIT
age: 1918
content-length: 28527
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
etag: "64d6433f-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7fa1920daa7dbb74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame FC55 1 KB
562 B 79ms
44ms Script
application/javascript 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Feedsaung.net%2F12%3Frnd%3D61039423%26z%3D6159540%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DfK418d1nzcpgfHLv3BNcl-wICS0ErBxiplm-_MLTip3KRS_eM6cbwdBNopqMFZlQ0GMCV8LdZM22zfTenQya1lZgVJPFGLC2PHlJ1L3l_R5PwA1vis499LMKhGS9YXupGbPUJbmznvCzDzkTkYY7hAOoaZBhhwye1TrOIDSmeBktP9c9SJtts3zA_9tvGGGmnaC0Kw-ZH8RI5nHeUZnAQeNfDRzg5b2HDPQiFljSVTlJ3bI0-5QuG8XWN9RT1dPQYF1yXk4mW79c982-e2xI6nmHtu1FeX-kEX3txxcC8K7Bir98lYr9kLLedJY%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dccd78fd2-86eb-4bf0-8c06-73410069e229%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fplayzhim.com.atlaq.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D0%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2023 14:18:39 GMT
server: cloudflare
age: 6396
etag: W/"64d6433f-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7fa1920daa7cbb74-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 custom Show response
ibrapush.com/ 39 B
330 B 48ms
14ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibrapush.com/custom

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 8db4864e9d1d8e680f3038100951133b
date: Mon, 21 Aug 2023 08:40:18 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
ibrapush.com/ Frame 0
0 78ms
0ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ibrapush.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 21 Aug 2023 08:40:18 GMT
server: nginx

POST
H2 200 custom Show response
ibrapush.com/ 39 B
330 B 15ms
13ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ibrapush.com/custom

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://playzhim.com.atlaq.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 131096a8a5aa81ad4d3f555235135bda
date: Mon, 21 Aug 2023 08:40:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
ibrapush.com/ Frame 0
0 18ms
12ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ibrapush.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://playzhim.com.atlaq.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 21 Aug 2023 08:40:19 GMT
server: nginx

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
548 B 14ms
14ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=fde33e3093144ea7a5c963c280a5a8af&zoneId=6159542&checkDuplicate=true&ymid=&var=

Requested by

Host: playzhim.com.atlaq.com
URL: https://playzhim.com.atlaq.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a4574f4cb236c2f61da86ed49d2c8e50e16d9b62010b3dff83a1b12dd549a48a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://playzhim.com.atlaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 08:40:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playzhim.com.atlaq.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: traffic.alexa.com
URL: https://traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=playzhim.com

Domain: traffic.alexa.com
URL: https://traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=playzhim.com

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.atlaq.com/	1970-01-20 23:46:07	Name: _ga_FPZ0VEL1WQ Value: GS1.1.1692607218.1.0.1692607218.60.0.0
.atlaq.com/	1970-01-20 23:46:07	Name: _ga Value: GA1.2.980917811.1692607218
.atlaq.com/	1970-01-20 14:11:33	Name: _gid Value: GA1.2.609217712.1692607218
.atlaq.com/	1970-01-20 14:10:07	Name: _gat_gtag_UA_85346163_2 Value: 1
my.rtmark.net/	1970-01-20 22:55:43	Name: ID Value: fdff7fbb721243c480058ac09ffe90f6
playzhim.com.atlaq.com/	1970-01-20 14:10:07	Name: prefetchAd_6159538 Value: true
eedsaung.net/	1970-01-20 22:55:43	Name: scm Value: 1
eedsaung.net/	1970-01-20 22:55:43	Name: oaidts Value: 1692607218
veepteero.com/	1970-01-20 22:55:43	Name: OAID Value: fdff7fbb721243c480058ac09ffe90f6
veepteero.com/	1970-01-20 22:55:43	Name: oaidts Value: 1692607218
veepteero.com/	1970-01-20 14:20:12	Name: syncedCookie Value: true
eedsaung.net/	1970-01-20 22:55:43	Name: OAID Value: fdff7fbb721243c480058ac09ffe90f6
offshuppetchan.com/	1970-01-20 22:55:43	Name: OAID Value: fdff7fbb721243c480058ac09ffe90f6
ossmightyenar.net/	1970-01-20 22:55:43	Name: OAID Value: fdff7fbb721243c480058ac09ffe90f6

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://mondobalneare.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://moneygoals.srl/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://musicusata.it/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://myjazzedge.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://mymarsh.it/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://mondobalneare.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://moneygoals.srl/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://musicusata.it/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://myjazzedge.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://playzhim.com.atlaq.com/(Line 341) Message: Mixed Content: The page at 'https://playzhim.com.atlaq.com/' was loaded over HTTPS, but requested an insecure element 'http://mymarsh.it/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=playzhim.com Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=playzhim.com Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.moneygoals.srl/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mymarsh.it/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alwingulla.com
atlaq.com
eedsaung.net
fleraprt.com
ibrapush.com
interstitial-08.com
littlecdn.com
mondobalneare.com
moneygoals.srl
musicusata.it
my.rtmark.net
myjazzedge.com
mymarsh.it
offshuppetchan.com
ossmightyenar.net
playzhim.com.atlaq.com
region1.analytics.google.com
stats.g.doubleclick.net
traffic.alexa.com
tzegilo.com
veepteero.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.mondobalneare.com
www.moneygoals.srl
traffic.alexa.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.242
139.45.197.243
139.45.197.245
139.45.197.250
141.193.213.11
168.168.48.226
2001:4860:4802:34::36
2606:4700:10::6816:1874
2606:4700:3036::6815:644
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
2a06:98c1:3120::3
35.214.213.233
46.254.38.46
89.46.108.66
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
0393c9fa43283533a6f817ae34bbfba69dc76997b72f48ad617d42093ad68db8
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
192a30c1213ff7d065072905c687e8cc6d5ceafd7d70ace96321b1d2fb8f2c8e
1f807cd9d5d8475f4ec107c17a62318927277940eb8bfe1d386ec97ad4cb9f57
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
28a913124089c51c2399dd66aa9f3125bb11a0780d3254fb5916ae084a0181b0
3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411
3b2ba18850ca8c49dbf1d674a27c2e7f4817594a73e926f29dc2de36661eb627
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
6bf15f50de06f31bfe1aa13f350827c902bbad10679c39d32a16f962850fb02b
7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b
7fee5eb745ab3f5e44914bdd6053be4d8cbc9165e1c1bb014e5d199930f84fc9
834e2ce15c23b74e6ab4ff40fc5371c2e5c70958ac684540d9e2aaebcc2e8161
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89223a752ac1ae7f9c5968bf535abcff676b081b23d69d08a818af1271e7566a
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
9248f5602f140185b4b11ffde8982a2a3886c2f40602c26a7aaeb8bba4806f38
9dbfa89441cd176227b1f09f2f139e21ce280ba5f29b7c4d34de172d6bf38f24
a41faa8cef68b072f882071ffefa745a70a472fd60bd33e7dac96e44f5f4c6ef
a4574f4cb236c2f61da86ed49d2c8e50e16d9b62010b3dff83a1b12dd549a48a
ab43713e8d01640060652696ea16c0b7e6fa7ca0476413466a376ab82e58d254
ae8fffba093737e5f972224e1a9a3b34ae2dc532cf8d9108a4545566d181876f
b22616ae4c019e32dc25954c9eff5f316c30e4e3ed4e8f5798d0996629f49276
bc35da1a635dd9b9aff1d7b10cde56896aef1e9a7cc77cf1d7a6accc59b22459
bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
dde8aed668f935bf1d484dd072305b5bf909ced8d439d74fb87034765d17cbcc
de05a6b410fc5f239f73a88ce48dd1bd77e3ade8379e5c5eae38aaa5845a5fe5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27b22e45e4667654ec338929b428f7dd883bcbce30aa6b644d8f97b524987c8
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

playzhim.com.atlaq.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

93 %HTTPS

43 %IPv6

23 Domains

27 Subdomains

22 IPs

7 Countries

1030 kBTransfer

1925 kBSize

14 Cookies

14 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

playzhim.com.atlaq.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

93 %
HTTPS

43 %
IPv6

23
Domains

27
Subdomains

22
IPs

7
Countries

1030 kB
Transfer

1925 kB
Size

14
Cookies

60 HTTP transactions
1 data transactions