hebeboard.aino.pk Open in urlscan Pro
45.14.224.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hebeboard.aino.pk/
Submission: On February 20 via manual (February 20th 2022, 2:33:10 pm UTC) from RU — Scanned from NL

Summary HTTP 73 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 22 domains to perform 73 HTTP transactions. The main IP is 45.14.224.146, located in Amsterdam, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is hebeboard.aino.pk.

This is the only time hebeboard.aino.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	45.14.224.146 45.14.224.146	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
8	2606:4700:303... 2606:4700:3032::6815:28ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1178:1:4... 2a00:1178:1:4b::f	35415 (WEBZILLA) (WEBZILLA)
2 6	2606:4700::68... 2606:4700::6812:4cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.104.29.90 172.104.29.90	63949 (LINODE-AP...) (LINODE-AP Linode)
11	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:303... 2606:4700:3030::ac43:d46f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3033::6815:48f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
4	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.32 45.133.44.32	7018 (ATT-INTER...) (ATT-INTERNET4)
1	109.206.162.211 109.206.162.211	50245 (SERVEREL-AS) (SERVEREL-AS)
2	88.208.59.102 88.208.59.102	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	109.206.168.17 109.206.168.17	50245 (SERVEREL-AS) (SERVEREL-AS)
73	21

3 45.14.224.146 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: hosted-by.spectraip.net

hebeboard.aino.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cricketlive.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::6815:28ba (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl15024262.performancetrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
funnyfoto.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1178:1:4b::f (Netherlands) 2 redirects

ASN35415 (WEBZILLA, NL)

fagywalu.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:4cf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

thumbs2.redgifs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com

www.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d46f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ad.jetx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::6815:48f8 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

yqmxfz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yfetyg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.32 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.211 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 211.162.serverel.net

js.cdnspace.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.208.59.102 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

23426.yulunanews.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.168.17 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.168.17.serverel.net

jswww.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	99 KB
8	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	9 KB
6	1337x2.xyz 1337x2.xyz	6 KB
6	redgifs.com 2 redirects thumbs2.redgifs.com — Cisco Umbrella Rank: 65391	986 KB
6	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 50	183 KB
6	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 197016 www.supercounters.com — Cisco Umbrella Rank: 188464	7 KB
4	yfetyg.com yfetyg.com — Cisco Umbrella Rank: 53456	908 B
4	fagywalu.pro 2 redirects fagywalu.pro	1 KB
3	funnyfoto.me funnyfoto.me	4 KB
2	yulunanews.name 23426.yulunanews.name	31 KB
2	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 13447	23 KB
2	github.io afarkas.github.io — Cisco Umbrella Rank: 132129	7 KB
2	yqmxfz.com yqmxfz.com — Cisco Umbrella Rank: 59532	91 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 9098	608 B
2	google.com www.google.com — Cisco Umbrella Rank: 2	608 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	513 B
2	jetx.info 2 redirects ad.jetx.info	2 KB
2	performancetrustednetwork.com pl15024262.performancetrustednetwork.com
2	aino.pk hebeboard.aino.pk	9 KB
1	jswww.net jswww.net — Cisco Umbrella Rank: 501646	79 B
1	cdnspace.io js.cdnspace.io — Cisco Umbrella Rank: 455411	28 KB
1	cricketlive.top cricketlive.top	440 B
73	22

	Domain	Requested by
11	www.google-analytics.com	counter.jdi5.com www.google-analytics.com hebeboard.aino.pk www.googletagmanager.com
6	1337x2.xyz	hebeboard.aino.pk
6	thumbs2.redgifs.com	2 redirects hebeboard.aino.pk
6	www.googletagmanager.com	1 redirects hebeboard.aino.pk 1337x2.xyz funnyfoto.me
4	yfetyg.com	yqmxfz.com
4	fagywalu.pro	2 redirects hebeboard.aino.pk
4	counter.jdi5.com	hebeboard.aino.pk counter.jdi5.com
4	widget.supercounters.com	hebeboard.aino.pk widget.supercounters.com
3	funnyfoto.me	afarkas.github.io 1337x2.xyz
2	23426.yulunanews.name	cricketlive.top 23426.yulunanews.name
2	i.wmgtr.com	1337x2.xyz yqmxfz.com
2	afarkas.github.io	1337x2.xyz
2	yqmxfz.com	1337x2.xyz
2	www.google.nl	hebeboard.aino.pk
2	www.google.com	hebeboard.aino.pk
2	imgcdn1.jdi5.com	hebeboard.aino.pk counter.jdi5.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	ad.jetx.info	2 redirects
2	www.supercounters.com	widget.supercounters.com
2	pl15024262.performancetrustednetwork.com	hebeboard.aino.pk
2	fastcdn.jdi5.com	hebeboard.aino.pk
2	hebeboard.aino.pk	hebeboard.aino.pk
1	jswww.net	js.cdnspace.io
1	js.cdnspace.io	funnyfoto.me
1	cricketlive.top	afarkas.github.io
73	25

This site contains links to these domains. Also see Links.

Domain
youngtube.wapka.top
camnude.chaturbate.com
topanime.mywibes.com
cutiegarden.wapka.site
ouo.io
imgview.net
imgmaze.com
www.kqzyfj.com
imgrock.net
cpmlink.net
chaturbate.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-14` - `2022-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
yfetyg.com R3	`2022-01-14` - `2022-04-14`	3 months	crt.sh
i.wmgtr.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
cricketlive.top R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
cdnspace.io R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.yulunanews.name R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
jswww.net R3	`2022-02-12` - `2022-05-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://hebeboard.aino.pk/
Frame ID: 088C95E050BFDF133A4C57CE3A1E2273
Requests: 23 HTTP requests in this frame

Frame: https://1337x2.xyz/user/riick/
Frame ID: 000171A36C11377B91933805A5FDDC86
Requests: 10 HTTP requests in this frame

Frame: http://hebeboard.aino.pk/
Frame ID: F3DC662A0460E922091B1E98230039F1
Requests: 17 HTTP requests in this frame

Frame: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/
Frame ID: 37E5E00AC0EDFC22757368A326CAE0CA
Requests: 11 HTTP requests in this frame

Frame: https://funnyfoto.me/2019/02/desi-mutton-karahi.html
Frame ID: 3A6B4106667DF5B0D0C1E4AA3EB9BD1D
Requests: 7 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
Frame ID: D786D1B00FADD0AC736AAE16E10CB859
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
Frame ID: AE36D821019BA4BE7216270CEBA037AD
Requests: 1 HTTP requests in this frame

Frame: https://cricketlive.top/a-ads.php
Frame ID: 98E9791704CC69822CE0840E632C444F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hebeboard.aino.pk

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

73
Requests

60 %
HTTPS

67 %
IPv6

22
Domains

25
Subdomains

21
IPs

4
Countries

1487 kB
Transfer

8874 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://youngtube.wapka.top/
Title: GUTIEGARDENS

Search URL Search Domain Scan URL

URL: http://youngtube.wapka.top/young
Title: YUONGTUBE

Search URL Search Domain Scan URL

URL: http://camnude.chaturbate.com/
Title: TEEN GIRLS

Search URL Search Domain Scan URL

URL: http://topanime.mywibes.com/
Title: 180chan

Search URL Search Domain Scan URL

URL: http://cutiegarden.wapka.site/
Title: 155chan

Search URL Search Domain Scan URL

URL: http://ouo.io/srTOTG
Title: HostGator Web Hosting

Search URL Search Domain Scan URL

URL: http://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Title: FREE Web Masha Babko

Search URL Search Domain Scan URL

URL: http://imgmaze.com/c0ddbtxvflqz/16h8byp.jpg.html
Title: 100TB VIDEO GIrls

Search URL Search Domain Scan URL

URL: http://www.kqzyfj.com/click-1853554-11768630
Title: XXX Hosting

Search URL Search Domain Scan URL

URL: http://imgrock.net/cdksl217xnz1/001.jpg.html
Title: TEEN Hosting

Search URL Search Domain Scan URL

URL: http://cpmlink.net/ibdpAQ
Title: siberian mouses

Search URL Search Domain Scan URL

URL: http://chaturbate.com/accounts/model_register/?tour=NwNd&disable_sound=0&campaign=ldZ4M
Title: REGISTRATION MODEL

Search URL Search Domain Scan URL

URL: http://camnude.chaturbate.com/accounts/register/
Title: REGISTRATION USER

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15 HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Request Chain 5

http://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u HTTP 301
https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

Request Chain 6

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Request Chain 7

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Request Chain 11

http://ad.jetx.info/red2.php?rand=jP0d6ac62e698cfd9984d49961fa5fbaef&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 17

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15 HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Request Chain 24

http://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u HTTP 301
https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

Request Chain 25

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4 HTTP 307
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Request Chain 26

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4 HTTP 307
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Request Chain 30

http://ad.jetx.info/red2.php?rand=jP0d6ac62e698cfd9984d49961fa5fbaef&id=27 HTTP 302
https://1337x2.xyz/submit.php

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hebeboard.aino.pk/ 13 KB
5 KB 84ms
69ms Document
text/html 45.14.224.146
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL

http://hebeboard.aino.pk/

Protocol

HTTP/1.1

Server

45.14.224.146 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),

Reverse DNS

hosted-by.spectraip.net

Software

nginx /

Resource Hash

edd4a0f4ea98f12d77e0685101c958d43a6e7393fa74d26e6c0328c8784e89a2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx
Date: Sun, 20 Feb 2022 14:33:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding Accept-Encoding
Expires: Sun, 20 Feb 2022 14:36:59 GMT
Cache-Control: public
Pragma: no-cache
Last-Modified: Sun, 20 Feb 2022 14:26:59 GMT
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
fastcdn.jdi5.com/css/hebeboard.aino.pk/ 0
822 B 85ms
53ms Stylesheet
text/css 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fastcdn.jdi5.com/css/hebeboard.aino.pk/style.css
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1897
X-Powered-By: PHP/7.4.0RC6
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 20 Feb 2022 14:01:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23qe%2BkFgXK0egWlJOmvicd7LYBZ5L87RQbwNLa6Q3Mh55P7yDkXr1fcpdv55oIuvEfXakuZy7cG1xySF9Xut5IxJLr4NcxPRpm%2Bg7Mj7QZkYe4rFrVhJYmvZUOs8%2Bg%2BRrJINzG7bDnbxAKGxTeul"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=14400
CF-RAY: 6e0872a05c6a4c86-AMS
Cf-Bgj: minify

GET
H/1.1 403
Forbidden 924a493b70390a3b05cf6950985a02a2.js
pl15024262.performancetrustednetwork.com/92/4a/49/ 0
0 1768ms
930ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 20 Feb 2022 14:33:03 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK online_i.js Show response
widget.supercounters.com/ssl/ 4 KB
2 KB 76ms
43ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/online_i.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3074
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Tue, 11 Jul 2017 06:49:04 GMT
Server: cloudflare
ETag: W/"596474e0-109e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcN5PuQ2tPSQ3RhToGH1qj1snkxn7xzIQV%2FHqSREliQouWEZ8CyBhksqHNKN9xQumBjkhBIOdPL98k9kZsnOWQzFKkO1zuWSbeGrG0xO1gVtPGMLCef%2BNPWTXiItJgAGfka3UDjI%2FEJdyQXZqIlVLUGyr7eF94c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 6e0872a05fd0918c-FRA

GET
H/1.1 200
OK online.js Show response
counter.jdi5.com/ 3 KB
2 KB 84ms
50ms Script
application/javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/online.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1773
Cf-Polished: origSize=4463
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
Server: cloudflare
etag: W/"6054d814-116f"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAx2z4i%2Bj3TFP1oK6StJMMnZOYqBDeuEiWbBRPiX6k8HyWu0fOKiMJreLfMyha1Hiy1iOeHkKiifnOFISuaDsdrB3rC%2FPCJ%2Bj95nHRAWv5rJH4if3Zh1bxogECHB3EbycWdED9kLtFHHF6xFxyRB"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 6e0872a05dea917d-FRA
Cf-Bgj: minify

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

94 KB
37 KB

93ms
33ms

Script
application/javascript

2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ace588b62a69c5a3718fda119705eecaea091657694b940c26624a8eefeeae5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37331
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Feb 2022 14:33:02 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Date: Sun, 20 Feb 2022 14:33:02 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

zlg-1u Show response
fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/
Redirect Chain

http://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u
https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

0
231 B

467ms
48ms

Script
application/javascript

2a00:1178:1:4b::f
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
server: nginx
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

206

CookedLawfulBullmastiff-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

492 KB
493 KB

101ms
57ms

Media
video/mp4

2606:4700::6812:4cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2606:4700::6812:4cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Toilet Tissue

Resource Hash

53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2357969
x-powered-by: Toilet Tissue
Content-Range: bytes 0-503431/503432
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 503432
last-modified: Mon, 24 Jan 2022 07:33:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: video/mp4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6e0872ac19ad6977-FRA
expires: Mon, 20 Feb 2023 14:33:04 GMT

Redirect headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6e0872ab8fe69122-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Sun, 20 Feb 2022 15:33:04 GMT

GET
H2

206

ThirstyDeterminedGopher-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

3 MB
0

98ms
79ms

Media
video/mp4

2606:4700::6812:4cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2606:4700::6812:4cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Toilet Tissue

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2357968
x-powered-by: Toilet Tissue
Content-Range: bytes 0-5741364/5741365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5741365
last-modified: Mon, 24 Jan 2022 07:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: video/mp4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6e0872ac19b06977-FRA
expires: Mon, 20 Feb 2023 14:33:04 GMT

Redirect headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6e0872ab8b268fd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Sun, 20 Feb 2022 15:33:04 GMT

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ 29 B
280 B 200ms
93ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=&url=http%3A%2F%2Fhebeboard.aino.pk%2F&sw=1600&sh=1200&rand=64
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 10b314e4c99ddcad1b2856f825b9c9b224b0814aa78c71c77898319671d0e331

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1692
date: Sun, 20 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 16:04:52 GMT

GET
H/1.1 200
OK fc.php Show response
counter.jdi5.com/ 49 B
817 B 159ms
159ms Script
application/x-javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/fc.php?id=3f6b3baf7b59a93f71be44e4c77940b2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=&pn=http%3A%2F%2Fhebeboard.aino.pk%2F&wh=1600x1200&rand=23
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea387078a0e1f789289fafdef72e344257cd4fbd2432f5b4cc1f52cedb119087

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H78nNc23um9s%2BcimqG7QZB%2BvoNClrH4hvILpVTBvpNlPLLLrLo4u8PLVa56EkFelRB02%2FAjmAZ%2FSthXlBqRvN2CXYT%2Brcv8YRB6FYzT4GonHQRBcdf8m0g2fKzNRGbA5zj6CV%2BMA1ntkQoxsYttF"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Connection: keep-alive
CF-RAY: 6e0872ab68da917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

submit.php Show response
1337x2.xyz/ Frame 0001
Redirect Chain

http://ad.jetx.info/red2.php?rand=jP0d6ac62e698cfd9984d49961fa5fbaef&id=27
https://1337x2.xyz/submit.php

345 B
423 B

162ms
71ms

Document
text/html

2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5UjVDo%2Ftytx2dmjQ1s6iOAD%2F1m7muU9KT1RGsHoMG0bcKQ7CN2ewv5C27hTW5ZXx3B%2By6TwBh7GxAdb1bxVEj0W0Tltc04LkMoGGn7m1cZ2fQA9v2EQOVDNkCRF0CMUFJqWuCfMIHmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872af8aa59244-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://1337x2.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOz%2F3ZIZDNmW4QTcHIaVtZcEsbtq9h3glbaX1JlAOY8tWSasgkK5ZhDt%2BVA0H%2BjZJhwm3o%2BrLCrVjrTVrMefkg0pL3A0aAfygtoWlcDmMaTBgvP%2B2crtFsTXYozjW%2BmCPefsVf7rWGuxEU8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e0872ab98fa90be-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
hebeboard.aino.pk/ Frame F3DC 13 KB
5 KB 69ms
69ms Document
text/html 45.14.224.146
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL

http://hebeboard.aino.pk/

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

HTTP/1.1

Server

45.14.224.146 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),

Reverse DNS

hosted-by.spectraip.net

Software

nginx /

Resource Hash

d31591c8871b4c5d45d93dfa78bfc59d42d77615c5497ce4df89910fb7e80083

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

Server: nginx
Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding Accept-Encoding
Expires: Sun, 20 Feb 2022 14:36:59 GMT
Cache-Control: public
Pragma: no-cache
Last-Modified: Sun, 20 Feb 2022 14:26:59 GMT
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
fastcdn.jdi5.com/css/hebeboard.aino.pk/ Frame F3DC 0
832 B 30ms
30ms Stylesheet
text/css 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fastcdn.jdi5.com/css/hebeboard.aino.pk/style.css
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1899
X-Powered-By: PHP/7.4.0RC6
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 20 Feb 2022 14:01:25 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO0hLxgx%2Bk23wcRhqgB12yQBAAxfAq1dgRCQ%2FVVjWmX58qyCuJbsYuD5%2BOY9fdGJbEht%2F26MZEXHg9bBuGNVs%2Fi5J6Qix9wWENOv24Vyhso%2BdS5yKCOo%2BlXaX%2B6F6pgzVfNnCGJH2g9%2F1eW1IBXY"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=14400
CF-RAY: 6e0872abdd094c86-AMS
Cf-Bgj: minify

GET
H/1.1 403
Forbidden 924a493b70390a3b05cf6950985a02a2.js
pl15024262.performancetrustednetwork.com/92/4a/49/ Frame F3DC 0
0 106ms
105ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 20 Feb 2022 14:33:04 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK online_i.js Show response
widget.supercounters.com/ssl/ Frame F3DC 4 KB
2 KB 46ms
45ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/online_i.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3076
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Tue, 11 Jul 2017 06:49:04 GMT
Server: cloudflare
ETag: W/"596474e0-109e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgMYUwhCmbW%2B8BndTx6Jd43oeMZVd3njaraCzD0TFD24UfFFjALiZheWPTk1T2vdZmMoXNG15iQiTSdzIz77KMrByYXpuqM0XFZr8URthTl1vc2kpHFGHehTnKf15G6Y6I1zW1Cl2bJ3Gad2qGyrZsnGe70NWrc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 6e0872abcc9a918c-FRA

GET
H/1.1 200
OK online.js Show response
counter.jdi5.com/ Frame F3DC 3 KB
2 KB 69ms
50ms Script
application/javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/online.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1254
Cf-Polished: origSize=4463
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
Server: cloudflare
etag: W/"6054d814-116f"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hjie1XN97rnTmuWSbVX6o%2BT7Nps%2FTpepcVi8%2Fs0HvwRKQdxQb4gXEm6Fxiwh4fFQ4Yo47xGfp6B1eiFHogjhpxUnqpLrRGsg8aV6npz9TipOcK3ArIbpvlOLg2VRUHCXJbVl9kZmc3gEeya7Xsn"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 6e0872abee259259-FRA
Cf-Bgj: minify

GET
H2

200

js Show response
www.googletagmanager.com/gtag/ Frame F3DC
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

94 KB
37 KB

30ms
30ms

Script
application/javascript

2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0eb2e38cb049c5b42c6b5c772cda6e92dc94fd44e630ea3bc3e8a1229cd72a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37331
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Feb 2022 14:33:04 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Non-Authoritative-Reason: HSTS

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
148 B 28ms
27ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1489509510&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=999784112&gjid=1853622809&cid=754385727.1645367585&tid=UA-46789381-10&_gid=931122495.1645367585&_r=1&_slc=1&z=711198638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 27ms
27ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1489509510&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=629681258&gjid=653200864&cid=754385727.1645367585&tid=UA-46789381-15&_gid=931122495.1645367585&_r=1&gtm=2ou2g0&z=592191792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1489509510&t=event&_s=2&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=hebeboard.aino.pk&ea=hebeboard.aino.pk&el=hebeboard.aino.pk&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=754385727.1645367585&tid=UA-46789381-15&_gid=931122495.1645367585&gtm=2ou2g0&cg1=hebeboard.aino.pk&z=842515972

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 17:47:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74707
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 493ms
34ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-10&cid=754385727.1645367585&jid=999784112&gjid=1853622809&_gid=931122495.1645367585&_u=IEBAAEAAAAAAAC~&z=1677589355

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 492ms
34ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46789381-15&cid=754385727.1645367585&jid=629681258&gjid=653200864&_gid=931122495.1645367585&_u=YEDAAUABAAAAAC~&z=352958509

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK FF0000.png
imgcdn1.jdi5.com/img/ 128 B
927 B 91ms
47ms Image
image/png 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1387514
x-powered-by: PHP/5.6.40
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 128
Last-Modified: Fri, 04 Feb 2022 13:07:50 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIrWYrXskG%2BpKy5tBYk2YGkervCGMqlFRw0B08cbtPpcS2MPtsq07O3VJ9w%2BOYh3gtwha24XgnN4aqkaEXCzrcuPBJznMMbkEy7DR4Ko6ptuqAWvjI71YLo3tNFztC8yohc%2B6K%2BuM6cPu0JlE2Pp"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6e0872ac9caf96ff-AMS
expires: Sat, 04 Feb 2023 13:07:50 GMT

GET
H2

200

zlg-1u Show response
fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/ Frame F3DC
Redirect Chain

http://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u
https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

0
230 B

58ms
52ms

Script
application/javascript

2a00:1178:1:4b::f
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
server: nginx
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://fagywalu.pro/cEDu9.6/br2/5ll_SOW/Q/9MNKD/M/zkMcjiMO4/NyCo0T0/MzzBMFyZM/zlg-1u
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

206

CookedLawfulBullmastiff-mobile.mp4
thumbs2.redgifs.com/ Frame F3DC
Redirect Chain

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

492 KB
492 KB

361ms
60ms

Media
video/mp4

2606:4700::6812:4cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2606:4700::6812:4cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Toilet Tissue

Resource Hash

53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2357970
x-powered-by: Toilet Tissue
Content-Range: bytes 0-503431/503432
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 503432
last-modified: Mon, 24 Jan 2022 07:33:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: video/mp4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6e0872ae6f836977-FRA
expires: Mon, 20 Feb 2023 14:33:05 GMT

Redirect headers

Location: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Non-Authoritative-Reason: HSTS

GET
H2

206

ThirstyDeterminedGopher-mobile.mp4
thumbs2.redgifs.com/ Frame F3DC
Redirect Chain

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

3 MB
0

356ms
55ms

Media
video/mp4

2606:4700::6812:4cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Server

2606:4700::6812:4cf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Toilet Tissue

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2357969
x-powered-by: Toilet Tissue
Content-Range: bytes 0-5741364/5741365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5741365
last-modified: Mon, 24 Jan 2022 07:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: video/mp4
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6e0872ae6f856977-FRA
expires: Mon, 20 Feb 2023 14:33:05 GMT

Redirect headers

Location: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ Frame F3DC 29 B
280 B 106ms
100ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=http%3A%2F%2Fhebeboard.aino.pk%2F&url=http%3A%2F%2Fhebeboard.aino.pk%2F%23&sw=1600&sh=1200&rand=3
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 10b314e4c99ddcad1b2856f825b9c9b224b0814aa78c71c77898319671d0e331

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F3DC 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1692
date: Sun, 20 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 16:04:52 GMT

GET
H/1.1 200
OK fc.php Show response
counter.jdi5.com/ Frame F3DC 49 B
819 B 109ms
108ms Script
application/x-javascript 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/fc.php?id=3f6b3baf7b59a93f71be44e4c77940b2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&ref=http%3A%2F%2Fhebeboard.aino.pk%2F&pn=http%3A%2F%2Fhebeboard.aino.pk%2F%23&wh=1600x1200&rand=35
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea387078a0e1f789289fafdef72e344257cd4fbd2432f5b4cc1f52cedb119087

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvI4YETS49Fb8mzeA5%2FmsPOOIz2zXXl1Z7KIx%2B%2BvX6I7O0rNpyyNrfovybFLC9xZWt87Pt9z5ZAEw3yMTaAVqA3Y0lJ3tLW05uLUchY6MIv%2BJlNBYv5T5SGz93nLEhR14Zajm%2F%2B%2B9xlOKb7MnFLn"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Connection: keep-alive
CF-RAY: 6e0872ac9bfa917d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

submit.php Show response
1337x2.xyz/ Frame 37E5
Redirect Chain

http://ad.jetx.info/red2.php?rand=jP0d6ac62e698cfd9984d49961fa5fbaef&id=27
https://1337x2.xyz/submit.php

345 B
707 B

65ms
61ms

Document
text/html

2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpf8Zu%2BU1AoT6kHxg1YqoXmJe4A1MWxWFRT1DGzRegUc9x1E8hXFBfWdnbx2DpO2QsUH6GVPEsaj5PndAvjFB22ws1biQl5X0YSUr47BtnRn3v%2BDd00zP0YlSjdULHTsvegLz5LRPNud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872af8aab9244-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 20 Feb 2022 14:33:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: https://1337x2.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEDDUEJoCDO0xTyUqf8nMigqa0kP4ivoBHx8KtWH4LgXD5s1VWb1esoCeZF92S7KJu2Aldvor0uRfTAnTbn29%2B4Z31x4sUZiRfZylaRJY3dDUgE9sUbd3xgXNDV%2BwF9f4r9auOOYNBsk%2FrQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6e0872aeff7290be-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK e61c1c.png
widget.supercounters.com/images/online/ 568 B
1 KB 62ms
62ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:04 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2899
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 568
Last-Modified: Fri, 18 Feb 2022 14:50:24 GMT
Server: cloudflare
ETag: "620fb230-238"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZGTQt4Eh3ApAgG5NwpxwxLMo7FLlK8Stuu92hWu1ZM0N7J0xNTiW0SK5U5D8OyLo%2FN28tvHETnpkzJ0qsNHbYiizZNOUGf0x6u6FoG2hPbAZ6BK6%2F%2Fin6wnRuw6llXUQmF0e7PIwTa9DEczQn5I8Lf9TQB1tKk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6e0872acaed9918c-FRA

GET
H/1.1 200
OK e61c1c.png
widget.supercounters.com/images/online/ Frame F3DC 568 B
1 KB 70ms
70ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:05 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2900
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 568
Last-Modified: Fri, 18 Feb 2022 14:50:24 GMT
Server: cloudflare
ETag: "620fb230-238"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AyDDhQ0fgLnivRM6FuGjzloXtmWtg06qhL2w3Iamow4X1NJM0kJMVXN8C717%2BHsChsk5Gik9cmKcev37PLBWIVv0Nb8w7S0JF%2FsCnwsQw3cPTYSfP1LES%2FBoxTHowjk9t9CSiRTjq98J%2BkuWZe2XCmitysVSaQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6e0872af1e2c918c-FRA

GET
H/1.1 200
OK FF0000.png
imgcdn1.jdi5.com/img/ Frame F3DC 128 B
931 B 66ms
65ms Image
image/png 2606:4700:3032::6815:28ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:28ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:05 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1387515
x-powered-by: PHP/5.6.40
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 128
Last-Modified: Fri, 04 Feb 2022 13:07:50 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDlyVOsn8HBkEUGoXTT%2F0fA0%2BiA%2B2CCZVihstv%2B9hj61p6LaUXKoZxZFI%2B%2FSK1ASSMT1Z8bukherC1dbsShGVF2TbArQb81C52llG9ac2sPcCDrUMoQMYPrvDCwWAxsBJ6ij%2F3nQigQUQ0J5XKjd"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
cache-control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6e0872af094c96ff-AMS
expires: Sat, 04 Feb 2023 13:07:50 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F3DC 2 B
22 B 36ms
36ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1796076441&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=754385727.1645367585&tid=UA-46789381-10&_gid=931122495.1645367585&_slc=1&z=372677675

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F3DC 35 B
55 B 30ms
29ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1796076441&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=754385727.1645367585&tid=UA-46789381-15&_gid=931122495.1645367585&gtm=2ou2g0&z=1899564595

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 14:58:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84891
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F3DC 35 B
55 B 30ms
30ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1796076441&t=event&_s=2&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&ec=hebeboard.aino.pk&ea=hebeboard.aino.pk&el=hebeboard.aino.pk&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=754385727.1645367585&tid=UA-46789381-15&_gid=931122495.1645367585&gtm=2ou2g0&cg1=hebeboard.aino.pk&z=1327440372

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Feb 2022 14:58:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84891
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 111ms
46ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-10&cid=754385727.1645367585&jid=999784112&_u=IEBAAEAAAAAAAC~&z=1937178621

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 112ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-10&cid=754385727.1645367585&jid=999784112&_u=IEBAAEAAAAAAAC~&z=1937178621

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 113ms
50ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-15&cid=754385727.1645367585&jid=629681258&_u=YEDAAUABAAAAAC~&z=2139642008

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 110ms
45ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-46789381-15&cid=754385727.1645367585&jid=629681258&_u=YEDAAUABAAAAAC~&z=2139642008

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Feb 2022 14:33:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
1337x2.xyz/ Frame 37E5 430 B
884 B 259ms
218ms Document
text/html 2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fa5997379e1a33c2b34eb430a7959a6b0be7bbec223ef48a3da9510662121147

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkPBKpd%2BcEVu98oME71VYB6Y5tnVuF%2Bk7ct40jZnrHPZeG0MdrnUfCY0oNoMW%2BvTnF0pOsBVDoWF%2BmvTDhN8bN1E1%2B7EgKO4zftl6%2BYi4EKq5gupc%2FeDwmym9PmPsWwSqq3V%2F9UIMWXu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b04fdf92ae-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
1337x2.xyz/ Frame 0001 357 B
758 B 266ms
226ms Document
text/html 2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 83c9040a41add1fad1035572409a385ee9631c5cb5ee69b70cd51e28873b7f6e

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U0j%2FzOsPPrwnAzsFILBB5JhmARaA2%2BFjMocZeybDQVZtBtZgRDvSXyWUe8E9vBPt9iVdZRoTXeh%2FYGIvoDRfpxjuhtq2ANItAJG4cKImMhn1DNXePj2XXFsI8Y1WgWpxaf8rVe5scGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b04fda92ae-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/ Frame 37E5 3 KB
2 KB 66ms
65ms Document
text/html 2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6b02a42dd14ab4fb947ece314639d4645de8f4ccb71b930cef72d6c6a494d715

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0q29aOaGSunSPIKPiwS9svsyiurPN1sE3wRjrH8HRI97AXesMHxQud7P1MfE3jHSkwXOkvRrgyrO7s56mPoAm7N19Gs9e59%2BiHxrLyAdkb%2BTI6%2BARZVlgPPKrwEazr240jMrn4jnQod"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b1caa192ae-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
1337x2.xyz/user/riick/ Frame 0001 3 KB
2 KB 71ms
70ms Document
text/html 2606:4700:3033::6815:48f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/user/riick/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:48f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 4085508d90a4512cc68caa45f3b3825cdc3d38fab0a4131a501dca454f0bfe5d

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeJY8RBjkhQ8iumrlKhZ%2FlCjF8pw4ZxMpQ4WXNrrAKtK6VjaCBHpZieQ05xKrsEuLCU%2BgSuRaUGUkYC%2Fkua7NpvFcK2Gz5kkfKOdxB2XPgRFwhQuO%2F0OuU1%2FsZqSWzXTfp7ClsbJ6q8Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b1caa392ae-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 37E5 94 KB
36 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05a1d04b2c0783f11be95c939e4b79edf8e6cc60a09cb3d7ac81be7b86cc67f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Feb 2022 14:33:05 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ Frame 37E5 119 KB
45 KB 113ms
44ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6df1568f93573ecc1d193c9c39581827dbe118bf6dd5161f0e69b12f4469e2d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: ace057e05e783432311155f476bd6d84
age: 2725
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 20 Feb 2022 13:47:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMECxCBVEhuv%2BxIR6z%2B0%2Fs4RWJ%2F0HwN1Dldmgopr0hk1sbibobOULiUbOT85ApifTn50oQxmtZg4ATpUwkFe8OZDh4fFL2ODg%2FT9m9DmQTloE0mY%2FLIhfFOgfV3ocTSLTrLR1wPatwrU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=3600
cf-ray: 6e0872b2b8679090-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 37E5 8 KB
4 KB 53ms
17ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: b950ea1d26ee179f6027165621f2814436169d8a
date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: gzip
age: 228
x-cache: HIT
content-length: 3497
x-served-by: cache-ams21075-AMS
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 58FE:7CAC:D26BEE:D96538:62124DC0
x-timer: S1645367586.680354,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 20 Feb 2022 14:16:49 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 0001 94 KB
36 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fadebf34b62137df841f30a0d7d150270fcfbca2834be2a8d10dddd04572ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37330
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Feb 2022 14:33:05 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js Show response
yqmxfz.com/pw/ Frame 0001 119 KB
46 KB 110ms
42ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6df1568f93573ecc1d193c9c39581827dbe118bf6dd5161f0e69b12f4469e2d

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: ace057e05e783432311155f476bd6d84
age: 2725
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 20 Feb 2022 13:47:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LkUi3xgflvG5Ig5RhchCHjGmJimb5suwQOoQ5oSM3UsdWgvAkyzDxtwBu3NyexUt4coJs87X4LKbuNtQwmpzSU%2BGaXVKsTMPFzBYCw%2BUFPQzRKu%2FbQ1CyEkjEfYIoBhRynMzDyU0MK9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=3600
cf-ray: 6e0872b2b8769090-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 0001 8 KB
4 KB 48ms
17ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 37ff809e6dd3d46ff92c63a85de88cb3db1b5608
date: Sun, 20 Feb 2022 14:33:05 GMT
content-encoding: gzip
age: 228
x-cache: HIT
content-length: 3497
x-served-by: cache-ams21075-AMS
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 58FE:7CAC:D26BEE:D96538:62124DC0
x-timer: S1645367586.680545,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sun, 20 Feb 2022 14:16:49 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 3

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 37E5 49 KB
20 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1693
date: Sun, 20 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 16:04:52 GMT

GET
H2 200 submit.php Show response
funnyfoto.me/ Frame 3A6B 1 KB
1 KB 487ms
291ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funnyfoto.me/submit.php
Requested by: Host: afarkas.github.io
URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8541fb2b7b7ffb11b622119c08bd73c98f952d8ba26dd11fc618d8e16befa64e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLTBxXbY9B2nok3BJIpG%2F27JCc%2BRCOge2J2oAkqUSB7h%2FNfLClQj31i1va2C6Yzx2Zu4xLn95RGrywMULV%2BHMfL6rt3cVvyD%2BOmd%2BAFEZXUyLR0datVYdN11pLjbQH%2BNO%2BVFV%2B7aIPK5dqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b3eb7a91db-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0001 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1693
date: Sun, 20 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 16:04:52 GMT

GET
H2 200 wnload Show response
yfetyg.com/ Frame 0001 378 B
454 B 318ms
272ms Fetch
application/javascript 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e9342288e96520ac120076736ba71c4dafd9aba9cdbc476264e3652df6d2b6df

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK fdee498f-343f-4d37-95ce-d4f9b4230266
https://1337x2.xyz/ Frame 0001 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/fdee498f-343f-4d37-95ce-d4f9b4230266
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 wnload Show response
yfetyg.com/ Frame 37E5 378 B
454 B 155ms
155ms Fetch
application/javascript 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dafb68eb1b7e9eba6f0bf51e631bf1cdabe2e75987807392d2323416d393068a

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
BLOB 200
OK fc240093-288b-447e-9a51-63aa3bddbab2
https://1337x2.xyz/ Frame 37E5 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/fc240093-288b-447e-9a51-63aa3bddbab2
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5154222/Us-2019-UHD-BluRay-2160p-TrueHD-Atmos-7-1-HEVC-REMUX-FraMeSToR-RiCK/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

POST
H3 200 / Show response
funnyfoto.me/ Frame 3A6B 1 KB
1 KB 145ms
105ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funnyfoto.me/
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35beb02ec53748f3412f9bec3f930dcdee5b61ff7e9e213c4485ade16778d54

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://funnyfoto.me
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/submit.php

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F4l7GTO06urJlHqBUnkeuN9x%2BVOlM4ywyoHWX%2FUbozcVIs6OiKCGGLuNvqEke%2B2mQjuJ6iWK3NceXds9Ov6y2zlXn4CqA4uiY3l3F1nwZqKu1Tlf7AWdImhcpKJ719bBd1%2BJm2chAK16I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b6098a9168-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 wnrw
yfetyg.com/ Frame 0001 0
0 15ms
14ms Fetch 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=13625504510348051060&a=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sun, 20 Feb 2022 14:33:06 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
i.wmgtr.com/cic/ Frame D786 11 KB
12 KB 81ms
14ms Image
image/png 45.133.44.32
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

8aebf796e2bcc817ad4229ed1d43348f3d47d08537e5236ca02b1a5f461ea284

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: gzip
server: nginx/1.17.6
content-type: image/png
access-control-allow-origin: *
expires: Mon, 21 Feb 2022 02:33:06 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
i.wmgtr.com/cic/ Frame 37E5 0
0

GET
H2 200 V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png
i.wmgtr.com/cic/ Frame AE36 11 KB
12 KB 79ms
37ms Image
image/png 45.133.44.32
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png

Requested by

Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.133.44.32 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

8aebf796e2bcc817ad4229ed1d43348f3d47d08537e5236ca02b1a5f461ea284

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: gzip
server: nginx/1.17.6
content-type: image/png
access-control-allow-origin: *
expires: Mon, 21 Feb 2022 02:33:06 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 wnrw
yfetyg.com/ Frame 37E5 0
0 16ms
16ms Fetch 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=14692909272248303816&a=1
Requested by: Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyOTE2MDgsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sun, 20 Feb 2022 14:33:06 GMT
server: nginx/1.18.0
content-length: 0

GET
H/1.1 200
OK a-ads.php Show response
cricketlive.top/ Frame 98E9 123 B
440 B 115ms
42ms Document
text/html 45.14.224.146
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL

https://cricketlive.top/a-ads.php

Requested by

Host: afarkas.github.io
URL: https://afarkas.github.io/lazysizes/lazysizes.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

45.14.224.146 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),

Reverse DNS

hosted-by.spectraip.net

Software

nginx /

Resource Hash

65304c66bfd805303a9f973631c8b0261d4bbe8e9e9147ab2588b21609d91f55

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://1337x2.xyz/

Response headers

Server: nginx
Date: Sun, 20 Feb 2022 14:33:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 127
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Sun, 20 Feb 2022 15:33:06 GMT
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block

POST
H3 200 desi-mutton-karahi.html Show response
funnyfoto.me/2019/02/ Frame 3A6B 2 KB
2 KB 47ms
46ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://funnyfoto.me/2019/02/desi-mutton-karahi.html
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/user/riick/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fa87be4b03b1914a4c6c0cebc5f91524c02438180dbbafec334fb4ac11a143

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://funnyfoto.me
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjn3dIJhKYraTGJKbAr1oyleZ8Ter9w8kVgbEi0LKuOF6gOJ6HnDtOk8QIZMacICbtJL0dxLc6FMqpI1ggqX%2FAcOtMTAKKda6x0Aca8tN0nnQapwMMmYrnnvdfKqXDT%2FvqMKA%2F4kurJ5WHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e0872b6dc0e9168-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3A6B 94 KB
36 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: funnyfoto.me
URL: https://funnyfoto.me/2019/02/desi-mutton-karahi.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0396eec2b4a815e7a42ed0a18228c21329009cd98e8a91052a752cf045788d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
last-modified: Sun, 20 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Feb 2022 14:33:06 GMT

GET
H/1.1 200
OK script.js Show response
js.cdnspace.io/1/ Frame 3A6B 90 KB
28 KB 95ms
43ms Script
application/javascript 109.206.162.211
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdnspace.io/1/script.js?t=202212014
Requested by: Host: funnyfoto.me
URL: https://funnyfoto.me/2019/02/desi-mutton-karahi.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.206.162.211 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 211.162.serverel.net
Software: nginx /
Resource Hash: 0d7ad6932f7d55be47dc2548fdd1d689a3422b66e2e04a1db7d54ba30571f015

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 20 Feb 2022 14:33:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jan 2022 16:49:52 GMT
Server: nginx
ETag: W/"61f41eb0-169b9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 20 Feb 2022 15:03:06 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3A6B 49 KB
20 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1694
date: Sun, 20 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 20 Feb 2022 16:04:52 GMT

GET
H2 200 178402 Show response
23426.yulunanews.name/v2/a/na/js/ Frame 98E9 134 KB
31 KB 66ms
15ms Script
application/javascript 88.208.59.102
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://23426.yulunanews.name/v2/a/na/js/178402?container=clck_ntv
Requested by: Host: cricketlive.top
URL: https://cricketlive.top/a-ads.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.59.102 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6b3e21e5623fc00f517c9cbd645d13d9772e3b393de338d8a2369be5961d0a43

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://cricketlive.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
access-control-max-age: 86400
accept-ch-lifetime: 31536000
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary: Accept-Encoding

GET
H2 204 178402 Show response
23426.yulunanews.name/v2/a/na/ Frame 98E9 0
331 B 14ms
14ms XHR
text/plain 88.208.59.102
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://23426.yulunanews.name/v2/a/na/178402?subId=&pageUri=https%3A%2F%2Fcricketlive.top%2Fa-ads.php&referer=https%3A%2F%2F1337x2.xyz%2F&av=1&abl=0&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%22250%22%2C%221600%22%2C%22250%22%2C%22false%22%2C%221%22%2C%224%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Sun%20Feb%2020%202022%2014%3A33%3A06%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D
Requested by: Host: 23426.yulunanews.name
URL: https://23426.yulunanews.name/v2/a/na/js/178402?container=clck_ntv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.59.102 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://cricketlive.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
referrer-policy: unsafe-url
server: nginx
access-control-max-age: 86400
accept-ch-lifetime: 31536000
access-control-allow-origin: https://cricketlive.top
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory

GET
H2 204 w.js Show response
jswww.net/ Frame 3A6B 0
79 B 89ms
23ms Script
text/plain 109.206.168.17
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jswww.net/w.js?isr=1&wtoken=18bdbc31-55ab-4f10-b621-9b377aa4165b&u=661441&t=2057&sid=funnyfoto.me&r=0.7768497121857132
Requested by: Host: js.cdnspace.io
URL: https://js.cdnspace.io/1/script.js?t=202212014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.17 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.168.17.serverel.net
Software: binder-v5.1.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://funnyfoto.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 14:33:06 GMT
x-response-code: 21011
server: binder-v5.1.5

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.wmgtr.com
URL: https://i.wmgtr.com/cic/V1JJoi0Pz0ntTGcgY5gRdqmHlkO-qOrM.png

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hebeboard.aino.pk/	1969-12-31 23:59:59	Name: hebeboard_aino_pk Value: dda628e5cc0b841bb0e510eaea04388b
.aino.pk/	1970-01-20 18:33:59	Name: _ga Value: GA1.2.754385727.1645367585
.aino.pk/	1970-01-20 01:04:13	Name: _gid Value: GA1.2.931122495.1645367585
.aino.pk/	1970-01-20 01:02:47	Name: _gat Value: 1
.aino.pk/	1970-01-20 01:02:47	Name: _gat_gtag_UA_46789381_15 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x2.xyz
23426.yulunanews.name
ad.jetx.info
afarkas.github.io
counter.jdi5.com
cricketlive.top
fagywalu.pro
fastcdn.jdi5.com
funnyfoto.me
hebeboard.aino.pk
i.wmgtr.com
imgcdn1.jdi5.com
js.cdnspace.io
jswww.net
pl15024262.performancetrustednetwork.com
stats.g.doubleclick.net
thumbs2.redgifs.com
widget.supercounters.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.supercounters.com
yfetyg.com
yqmxfz.com
i.wmgtr.com
109.206.162.211
109.206.168.17
172.104.29.90
192.243.59.20
2606:4700:3030::ac43:d46f
2606:4700:3032::6815:28ba
2606:4700:3033::6815:48f8
2606:4700::6812:4cf
2606:50c0:8000::153
2a00:1178:1:4b::f
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c07::9c
2a02:b4a:1:7::5647:1
2a06:98c1:3120::7
2a06:98c1:3121::7
45.133.44.32
45.14.224.146
88.208.59.102
0396eec2b4a815e7a42ed0a18228c21329009cd98e8a91052a752cf045788d53
05a1d04b2c0783f11be95c939e4b79edf8e6cc60a09cb3d7ac81be7b86cc67f9
0d7ad6932f7d55be47dc2548fdd1d689a3422b66e2e04a1db7d54ba30571f015
10b314e4c99ddcad1b2856f825b9c9b224b0814aa78c71c77898319671d0e331
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
4085508d90a4512cc68caa45f3b3825cdc3d38fab0a4131a501dca454f0bfe5d
53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872
65304c66bfd805303a9f973631c8b0261d4bbe8e9e9147ab2588b21609d91f55
6b02a42dd14ab4fb947ece314639d4645de8f4ccb71b930cef72d6c6a494d715
6b3e21e5623fc00f517c9cbd645d13d9772e3b393de338d8a2369be5961d0a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c9040a41add1fad1035572409a385ee9631c5cb5ee69b70cd51e28873b7f6e
8541fb2b7b7ffb11b622119c08bd73c98f952d8ba26dd11fc618d8e16befa64e
87fa87be4b03b1914a4c6c0cebc5f91524c02438180dbbafec334fb4ac11a143
8aebf796e2bcc817ad4229ed1d43348f3d47d08537e5236ca02b1a5f461ea284
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442
8fadebf34b62137df841f30a0d7d150270fcfbca2834be2a8d10dddd04572ccc
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a35beb02ec53748f3412f9bec3f930dcdee5b61ff7e9e213c4485ade16778d54
ace588b62a69c5a3718fda119705eecaea091657694b940c26624a8eefeeae5b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
c0eb2e38cb049c5b42c6b5c772cda6e92dc94fd44e630ea3bc3e8a1229cd72a9
d31591c8871b4c5d45d93dfa78bfc59d42d77615c5497ce4df89910fb7e80083
dafb68eb1b7e9eba6f0bf51e631bf1cdabe2e75987807392d2323416d393068a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6df1568f93573ecc1d193c9c39581827dbe118bf6dd5161f0e69b12f4469e2d
e9342288e96520ac120076736ba71c4dafd9aba9cdbc476264e3652df6d2b6df
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef
ea387078a0e1f789289fafdef72e344257cd4fbd2432f5b4cc1f52cedb119087
edd4a0f4ea98f12d77e0685101c958d43a6e7393fa74d26e6c0328c8784e89a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf
fa5997379e1a33c2b34eb430a7959a6b0be7bbec223ef48a3da9510662121147

hebeboard.aino.pk Open in urlscan Pro 45.14.224.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

60 %HTTPS

67 %IPv6

22 Domains

25 Subdomains

21 IPs

4 Countries

1487 kBTransfer

8874 kBSize

5 Cookies

13 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

hebeboard.aino.pk Open in urlscan Pro
45.14.224.146 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

60 %
HTTPS

67 %
IPv6

22
Domains

25
Subdomains

21
IPs

4
Countries

1487 kB
Transfer

8874 kB
Size

5
Cookies

73 HTTP transactions
0 data transactions