Submitted URL: http://sub-or-dom.com/
Effective URL: https://sub-or-dom.com/
Submission: On February 17 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3030::ac43:a830, located in United States and belongs to CLOUDFLARENET, US. The main domain is sub-or-dom.com.
TLS certificate: Issued by E1 on January 4th 2024. Valid for: 3 months.
This is the only time sub-or-dom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
25 sub-or-dom.com | sub-or-dom.com | 3 MB
9 gstatic.com | fonts.gstatic.com | 70 KB
2 google.de | www.google.de — Cisco Umbrella Rank: 5654 | 562 B
2 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 113; googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 | 2 KB
2 google.com | region1.analytics.google.com — Cisco Umbrella Rank: 2400; www.google.com — Cisco Umbrella Rank: 2 | 699 B
2 hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 825; script.hotjar.com — Cisco Umbrella Rank: 1119 | 59 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 52 | 160 KB
2 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 434; fonts.googleapis.com — Cisco Umbrella Rank: 48 | 7 KB
1 hotjar.io | content.hotjar.io — Cisco Umbrella Rank: 6936 | 161 B
1 thehubpeople.com | cdnc.thehubpeople.com | 3 MB
1 cloudfront.net | d3e54v103j8qbb.cloudfront.net | 31 KB
47 11

Domain | Requested by
25 sub-or-dom.com (2 redirects) | sub-or-dom.com
9 fonts.gstatic.com | fonts.googleapis.com
2 www.google.de | sub-or-dom.com
2 www.googletagmanager.com | sub-or-dom.com; www.googletagmanager.com
1 www.google.com | sub-or-dom.com
1 googleads.g.doubleclick.net | www.googletagmanager.com
1 content.hotjar.io | script.hotjar.com
1 stats.g.doubleclick.net | www.googletagmanager.com
1 region1.analytics.google.com | www.googletagmanager.com
1 script.hotjar.com | static.hotjar.com
1 cdnc.thehubpeople.com | sub-or-dom.com
1 static.hotjar.com | sub-or-dom.com
1 fonts.googleapis.com | ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net | sub-or-dom.com
1 ajax.googleapis.com | sub-or-dom.com
47 15

This site contains links to these domains.

Domain
app.sub-or-dom.com
www.facebook.com
www.instagram.com
twitter.com

Subject | Issuer | Validity | Valid
sub-or-dom.com | E1 | 2024-01-04 - 2024-04-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.hotjar.com | Amazon ECDSA 256 M03 | 2024-02-07 - 2025-03-08 | a year
sni2a284gl.wpc.edgecastcdn.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-05-13 - 2024-06-12 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
www.google.de | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months
*.hotjar.io | Amazon ECDSA 256 M02 | 2024-01-31 - 2025-03-01 | a year
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months

This page contains 2 frames:

Primary Page: https://sub-or-dom.com/
Frame ID: 2897A1E1BD42719C4AEECCB355F14EAD
Requests: 46 HTTP requests in this frame

Frame: https://sub-or-dom.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Frame ID: 45B36084C06B6FA276A3D92B24313173
Requests: 2 HTTP requests in this frame

Page Title

BDSM Dating

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • 47 Requests
  • 98 % HTTPS
  • 75 % IPv6
  • 11 Domains
  • 15 Subdomains
  • 16 IPs
  • 4 Countries
  • 6539 kB Transfer
  • 7394 kB Size
  • 8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sub-or-dom.com/ HTTP 301
    https://sub-or-dom.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://sub-or-dom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sub-or-dom.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sub-or-dom.com/
Redirect Chain
  • http://sub-or-dom.com/
  • https://sub-or-dom.com/
32 KB
9 KB
Document
General
Full URL
https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1acc67cfed4f67c5ac0164e8e11af67ca641a2ad48f63f5de82f07b7d08eac0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
856f2b68ec173723-FRA
content-encoding
br
content-type
text/html
date
Sat, 17 Feb 2024 15:47:33 GMT
last-modified
Thu, 07 Dec 2023 15:49:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La%2FRRn4RlY58OESmPvTWjAqCZauqgyAyOYL8GvA6l%2BRmjkjQL6ZHnpm4TnZI56Ao3U6%2F4aaWoLIDlAS%2FP94luJE9OCjk7nY6uJjEitN4TlFUe8ioV3C7Y43s%2BA2mWcxxwO77DxGqzHHy3cNdrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

CF-RAY
856f2b689fe9381f-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 17 Feb 2024 15:47:33 GMT
Expires
Sat, 17 Feb 2024 16:47:33 GMT
Location
https://sub-or-dom.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y254lmUPgnQfR0n1j1tdV7XmX16DhQlreDUDMUotbq4pyo70eCYgdFiT6%2FyOXmdINbvhhVv%2BEIr8tn9LHAwkzxKOsuDCEPUdPacpw0nsFXOgcOCpNyjDcXCM8oIotF1fK%2BmKI%2BNG82h4OrlFRg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
normalize.css
sub-or-dom.com/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://sub-or-dom.com/css/normalize.css
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0d336a97efd52a4ef44ef3270e71eac24ba405d4450016f9d3e943256e9e58c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b58f24ea2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAboJJRDkjbW0XHHQmSmREfH7IHtYgtHmLJrxImFXgIfTlq9QskEZ%2Fzn3wjettTahvUoy6%2FkC88DoikMc4Z4ZXdOdeD6eni31d%2BEk0Qhs7M8wzp6DRLozjRAoylQfQNP6R6IPjEgAXZL%2BC654w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
856f2b693cad3723-FRA
alt-svc
h3=":443"; ma=86400
components.css
sub-or-dom.com/css/
38 KB
10 KB
Stylesheet
General
Full URL
https://sub-or-dom.com/css/components.css
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd80d7ede8d72aba0c61772b9be6b4a6574384691fdbafae5cc8d07915f3bd5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"74e113ea2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tThR4xnBRGHqQO4sHxLvQC0n8Pzh3Wz9Cnb1kldnaqFyHjQfdrrd1LZCtXP46x1xlBttcAruUgdtHdCfXp8IBNajkwlhVxdPUTY2TwrjDPlikshb%2B1tDHuKhfJb9%2BMlUuYVbYeuhTjsrsaJPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
856f2b693cae3723-FRA
alt-svc
h3=":443"; ma=86400
sub-or-dom-new.css
sub-or-dom.com/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://sub-or-dom.com/css/sub-or-dom-new.css
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
499fa558ea51a7acdadb775ace94a3475f215e73b24a04f0f92335638e662d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bd2e3ea2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iQBtuoTqLb3cE0KYAE3MUATHH3aTrF5IO5wkb76oXuHsP1SsWS3mtLX4EVhRFy4PxmuVERg9cUGbln5906kJEEYVpiHfxqEFOCqcwBlx0Ab8kNVB1JYBcTuJWiTT4XHmFiXxzwd7ceZukjEGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
856f2b693cb03723-FRA
alt-svc
h3=":443"; ma=86400
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 17:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
339851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 17:23:22 GMT
js
www.googletagmanager.com/gtag/
243 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-266QQSKMJ6
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb3f983bc3f0e81d579dfb00e9235ffff3c481e20967289173a2d9bd3abdaa73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86164
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 15:47:34 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=637215c7064487074a0cbcfc
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-232-39.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://sub-or-dom.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 10:30:20 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
age
19033
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
_PA8IDrrZbfdDAG629XbdsTK-Pz9txQXuTxhmC31wzgsbP94HigMTw==
sub-or-dom-new.js
sub-or-dom.com/js/
223 KB
68 KB
Script
General
Full URL
https://sub-or-dom.com/js/sub-or-dom-new.js
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
afc2b032cc1ae70893c66b163b6073eb187c2548fac1d3b4ec6897527a2224cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d62d3472529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw8GETPcHFanyyRVqH5LtDcTCuDh0n20KhoTwP7cxDW8S4Td6Nbhb6rv9sufwLEaXso6%2FkMpKqJxwSegVqHsibyrTfBeXq73UDL7z2StqYBohpSFUjtRBQjXD7kM%2Fc5Bf1HHO9gdI3qNCJgMWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
856f2b693cb23723-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09313719aac77f2212a20217fe0e643375d02d26dc297d8f73a8de312d00429d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 15:47:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 15:47:34 GMT
hotjar-3478336.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3478336.js?sv=6
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
27a59396bbb7e607c114b5f5fca8923b9abc75420645d296e09b47b9a64ac96c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 17 Feb 2024 15:47:34 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/e27c271484eff1e9d33805360b112dfd
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
acNTi0bqMwL4SXjYSH_9FdOOnx-1hKNzZ1HRrLRwS66qYWj7NeczUQ==
home-bg.webp
sub-or-dom.com/images/
220 KB
220 KB
Image
General
Full URL
https://sub-or-dom.com/images/home-bg.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/css/sub-or-dom-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30e7b56e4604a2947c7d01901ec4dab4889d2f1b8276f371f15cb10456dc3234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/css/sub-or-dom-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a7d9ff32529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Meyc0BWcegRQ%2B%2FgBLeJaNl2ugM%2FMpO286ZoIlP905Di5PYc5RoA%2Fqvt7a%2B%2BMfiF%2FYTE3DdLOyuAwt7h5dts1d2cxJgtKZNm580SXWp4oY5qSv1UvwjsHnNkJjmJWEvf5yBhwiswmI4PO9GI8UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69994c3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
224794
ezgif.com-gif-maker-10.webp
sub-or-dom.com/images/
24 KB
25 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-10.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/css/sub-or-dom-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd07ff4679ad4ece65760796318b67adcd8ff75ff48fdbbd71d1333d7b6adf5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/css/sub-or-dom-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62ef70ea2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cONh5kcRXQxP1MbDQLNpcc2hg%2FrALEFslWJYES%2F7Cuydy2ygp9NMAB1qstbH2SoBeEL8VUBoY4H%2BaFVCcANuBzTRD2WaTY%2FfQez0W9BA85HEoAF5pAseNd8s9g8yHQTH5UjjY18pOT4mHAa%2FSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69a95a3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
24872
ezgif.com-gif-maker-9.webp
sub-or-dom.com/images/
76 KB
77 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-9.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/css/sub-or-dom-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
713f713086f0d24488c33579e08dc7bf0212f8ba7e457cbea0bd1743de0aa59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/css/sub-or-dom-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15fb9f42529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNJxZi7sapH5yAU68I7ETgEYlI21faQfi4FKnbxLgkATwaFZTfmCoh2%2FOQ2t3LGNkfMFPN%2FeCUCf%2BQuMpKkHoDhTHLh3f4mTgmLm3yy2rJMgkQvScsW0vP81USi%2B81bXLeVZYdyggJsqX14b4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69a95f3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
77890
ezgif.com-gif-maker-12.webp
sub-or-dom.com/images/
15 KB
16 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-12.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/css/sub-or-dom-new.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c5bd3efdd2e7e83c946ea480c59aa494541bedc251df6c7aaebcd994ca1c82d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/css/sub-or-dom-new.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9d3ec432529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3NT88PsoxKOQOFn66AnJ%2FijNdKI%2FFlMFb8inBS%2F%2FvbOi8nMM5B5t5cuq64gKEryLWEzQ%2FcDz1Rxeb8nrBm7ncnvgIfqNa9og%2BY7z9WBgbiqnfEPtYSyP4vKOV0X1lSo%2BytZJky7A9I9D%2FyEfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69a9603644-FRA
alt-svc
h3=":443"; ma=86400
content-length
15796
Sub-or-dom.png
sub-or-dom.com/images/
14 KB
14 KB
Image
General
Full URL
https://sub-or-dom.com/images/Sub-or-dom.png
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
acd7e16352de6c6526a903d80563dc33a2d76e68732cac1ef305add68803296c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a1bed22529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MX2kDDQTyIxzFH5A1ZtU6sE6TGNZsKuzHxKUlExGHG8AgFczEa2YuV%2BNZmlpjW9UnNPPC%2BNiIN3V4SmklR2mM8bFB%2FiLkKvxjeqYzWO4siD8TkMwLy3Ty%2BFP8RLPgoyoKDrvB3OUXnKpN5Cu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
856f2b69b9763644-FRA
alt-svc
h3=":443"; ma=86400
content-length
13826
5279123_tweet_twitter_twitter-logo_icon-1.svg
sub-or-dom.com/images/
808 B
923 B
Image
General
Full URL
https://sub-or-dom.com/images/5279123_tweet_twitter_twitter-logo_icon-1.svg
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e87cb83c4df5ad8732f8e49945f00197dde7a42fb0f3c1e50ddea3322550be3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cfcc842529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJNHVoSB9uE7n9kjcLNw2zDINKo75CEuaZNd8ZpD1OQv4SBq9n4GT%2FnoamnCOcEEXDvM4jqMpqYQ1IqfMLqo%2BRz9c0vcyKwvHC8HvJXBLBB0kpG%2FHbmTDhenVwhW4XaGZWBoD%2BKT63oBty0vWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
856f2b69b9793644-FRA
alt-svc
h3=":443"; ma=86400
Group-3.svg
sub-or-dom.com/images/
1 KB
1 KB
Image
General
Full URL
https://sub-or-dom.com/images/Group-3.svg
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
31a43b6b1109fc343682133f74a1332fcfa96577975b0ffa62a6c04d974312a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"368f11fa2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64Ud0IYGh5PolAO4kB88FpVl50qpOJP7xXxZAHYyoQA%2FRr6C%2F3gwnL1e3OXsXuzu0UXijWyhOwJzsIEdUes6eIJvUcV5tKTY2d3q9wacsajWMgYxpK33zsL98O1UyZEjq9VeHV5n0AgxJAkiOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
856f2b69b97e3644-FRA
alt-svc
h3=":443"; ma=86400
Group-4.svg
sub-or-dom.com/images/
2 KB
1 KB
Image
General
Full URL
https://sub-or-dom.com/images/Group-4.svg
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6044ecf76142d3e21715390d4ae6387f603f47c43784216808d5011d7c45226c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b4c465f42429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSKRXFLUOE5z8FCwnX2pzZOhZzWHszz4LM97gajNSQlFU4moJkDuLIkCW%2Fzz5v%2FP07%2FKCuTREKucNUa7KOvJcoaiU2nnn3ST8an7xL7jkopgVmmyUvq%2BewzkMMlyYauLWJDwRaryAIAHjbz4FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
856f2b69b97f3644-FRA
alt-svc
h3=":443"; ma=86400
Subtraction-1.svg
sub-or-dom.com/images/
1 KB
1 KB
Image
General
Full URL
https://sub-or-dom.com/images/Subtraction-1.svg
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f38e4fca3f8d9eadf5bee6da378abfe9166ff3bd560a9fb5e6fa1c3e3c7b4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dcc25ef2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwUgP%2BEfyqCi08NPf7BJVtXTbCVAZmCkeyMq%2Bh7Q0Q%2B4AylLS2mHOH387NAJRisvoXLbWIsiM6wIU%2F0q3PqczTySnZIJJG0BkVZSu14g7dm7bH%2BSrvYivpl7JFpgrJZPVZrYIz4PlbwtmAtxaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
856f2b69b9803644-FRA
alt-svc
h3=":443"; ma=86400
ezgif.com-gif-maker-18-p-1600.webp
sub-or-dom.com/images/
28 KB
28 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-18-p-1600.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3991757cce45cf99b0d0b2b302f8c4d396c898241ee937d06b80b1dc1ca3b828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c6c1c52529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KZs5VlMuzNq7G45gpklYV%2BNeGvoIWMufDUk9%2BZCs9lb%2Bm4MYQfsElIapVdSdY33a8CBr1F2cNPWZlo0hmudhTcFgTmPiy8IuaVLJDC5oNPg2RFm43jf16pifwUarX0eJj5jzGExhnziZcJKqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69b9843644-FRA
alt-svc
h3=":443"; ma=86400
content-length
28650
ezgif.com-gif-maker-13.webp
sub-or-dom.com/images/
68 KB
68 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-13.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d3568ebb601aa4c56513c167e60d94a750c41bc291e9bfbc95ea481d7603e7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"36908262529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8mBbICt3X2bnluqRtIsflK8uTTTLNA7ln%2BmKYYgsVOdkc6Sykmiqc6TA3yxtDwNBopcclPYtTqCgNajxhLRYS4IY75600DnDt2sJkqzYZNafmr%2FP9l9f13BCeOih2LF%2F%2FV0M3FnZ2bRHESE7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69b9853644-FRA
alt-svc
h3=":443"; ma=86400
content-length
69356
ezgif.com-gif-maker-14.webp
sub-or-dom.com/images/
37 KB
37 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-14.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b7e26c1a29572768b55b11bf93954f5576d3b2973ffea63d77aed5120c928a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 07 Dec 2023 15:49:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f78c19fd2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpdLbLac1sFrK3SwS5JnWpis14%2F5dy7oMDsfXSsqQeSb3fLdXANswHc9QnPGmgtaWexxfTMU8geAmH7f8BzzTAuB1jErk00lgSIBzZDsHTOy1EZrolEK%2F0oUcc3x%2BQM9J2LQwAelLlP3PEla4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69b9883644-FRA
alt-svc
h3=":443"; ma=86400
content-length
37438
ezgif.com-gif-maker-11.webp
sub-or-dom.com/images/
84 KB
85 KB
Image
General
Full URL
https://sub-or-dom.com/images/ezgif.com-gif-maker-11.webp
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cdd12592d86e8fb2fe3aea04c96f79671dd5a3c62b5368566526e610960c19b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"43ce3bf12429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WGTP5s2a13%2F8PZ%2FLF11KKR0d%2Bi4AeCqGzZP3X8Fw1poV15tf3%2BuS8X7Dx%2Fd%2FQB5xFljaOHTRojUwji3OU2oIwJO%2BRbRHxE4CTz2IBS4L7IfMoDvGZluNu7vjFEiPQp%2FPDC4%2B%2BYm9LMf4yBUww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
accept-ranges
bytes
cf-ray
856f2b69b98b3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
86230
bdsm12x.png
sub-or-dom.com/images/
1 MB
1 MB
Image
General
Full URL
https://sub-or-dom.com/images/bdsm12x.png
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e64c2a2cb6f5c2296e503b7cb9136bb4226d7b6a08f83dad5b2e4c352cd5b914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b34f1fc2429da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y571FJTja8yrY%2BPIiJI6KWP9%2FHodMD3HD80ehqTlQ5dRDjKkD0p06IeBb4hz%2F7N10vZFozumqA9ynhQtXgMEZNa0fTAHKvsjREP%2F%2Bz4N02znU6MnFid3JBRWveAUT9TkGaMEMM9UDzYPg47fFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
856f2b69b98c3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
1349936
Quotes-1_1Quotes-1.png
sub-or-dom.com/images/
1 KB
1 KB
Image
General
Full URL
https://sub-or-dom.com/images/Quotes-1_1Quotes-1.png
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXjUnWTF6iCERBLWtSjWRNTfM6MgW05IwoCu1dJBGtB6LVPYiA7gpvwhjLv4c3xSvAyZ6msAY7L5kdacWMKKraG77uKBfrOcGybdAHoqRRZA6fzR0twT1V77hE0tIGg2gOabzw%2BnNj9SGezRog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
856f2b69b98e3644-FRA
alt-svc
h3=":443"; ma=86400
desktop-video.mp4
cdnc.thehubpeople.com/video/sub-or-dom/
3 MB
3 MB
Media
General
Full URL
https://cdnc.thehubpeople.com/video/sub-or-dom/desktop-video.mp4
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) / ASP.NET
Resource Hash
56b1d07a887b55ee9de1bdf5f686c77604f67907c94cd941c5e49804f863b50e

Request headers

Referer
https://sub-or-dom.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
last-modified
Thu, 15 Dec 2022 12:37:06 GMT
server
ECAcc (ama/48B6)
age
36534
etag
"66d24df18110d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-3464163/3464164
accept-ranges
bytes
Content-Length
3464164
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:55:56 GMT
x-content-type-options
nosniff
age
370298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:55:56 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 22:10:19 GMT
x-content-type-options
nosniff
age
149835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 22:10:19 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:59:28 GMT
x-content-type-options
nosniff
age
370086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:59:28 GMT
pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
7 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLBT5Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ea10196a490a8d3b8da162c7d4af9c301c5229f70af90dad6fa33eb951d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:05:06 GMT
x-content-type-options
nosniff
age
369748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7632
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:09:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:05:06 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 03:51:59 GMT
x-content-type-options
nosniff
age
302135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 03:51:59 GMT
main.js
sub-or-dom.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/ Frame 45B3
Redirect Chain
  • https://sub-or-dom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sub-or-dom.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
8 KB
4 KB
Script
General
Full URL
https://sub-or-dom.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H3
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e43317525b6512cc61fd07a68fa5fd5ec908c7a090e803e0a5780fa3e1d0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FclVhS2tap1oftCK24HtHv93fjtleoYBsC0yBR%2B13wIseCU%2F0b5Kmy9cUGzaTsI%2Ba7T5Tg7MU1jDRa71jiZCDYXz3lo%2Bo2jiaU%2BYfxd%2B7P5O%2Fbh1FWALk3fOAcpwOHCUzgjwHu1XvTSC01qeiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
856f2b6afb8a3644-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 17 Feb 2024 15:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qDd4Pkozu5iDz91HFeXjq2Lk4A004Ek2cCFkw3qyfTjOCuDgIZadKAaXmBcMlQxb1v46pqw7cJk7rLno5iamzr2u%2BStmDPxHgdtsni6VQqN3uo4A9L%2FlXxS989Xejpt8wxabMX%2FmI7mj8P2jg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/16c3caa4cd49/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
856f2b6a4a563644-FRA
alt-svc
h3=":443"; ma=86400
pxiGyp8kv8JHgFVrLPTucHtA.woff2
fonts.gstatic.com/s/poppins/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrLPTucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9220f99b916978e5d7934b73be5ab91444871ba52a89032e4dd90e42b0a96e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 05:13:12 GMT
x-content-type-options
nosniff
age
383662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7484
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:12:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 05:13:12 GMT
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 00:14:54 GMT
x-content-type-options
nosniff
age
401560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7932
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 00:14:54 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:55:25 GMT
x-content-type-options
nosniff
age
370329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:55:25 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,regular,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:51:31 GMT
x-content-type-options
nosniff
age
370563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:51:31 GMT
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin
https://sub-or-dom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
modules.e9ecc540a57d29aebf45.js
script.hotjar.com/
218 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.e9ecc540a57d29aebf45.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3478336.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
0f8aa5e7a5e9ccfec4b7c9f5e45308da58b758b347035a808e42bfea00c222cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 17:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
167488
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55332
last-modified
Thu, 15 Feb 2024 17:15:35 GMT
etag
"c0fd02d44d882dfd953692a5d13e7049"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
7v-2H9teuCd36krMo0HJ7JXuwtzz3ki0DYAi7bpauYdKuqa7U1C70w==
collect
region1.analytics.google.com/g/
0
244 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-266QQSKMJ6&gtm=45je42e0v898312821za200&_p=1708184854016&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2108511129.1708184854&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708184854&sct=1&seg=0&dl=https%3A%2F%2Fsub-or-dom.com%2F&dt=BDSM%20Dating&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=482
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-266QQSKMJ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sub-or-dom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
244 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-266QQSKMJ6&cid=2108511129.1708184854&gtm=45je42e0v898312821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-266QQSKMJ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sub-or-dom.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
210 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11044889158&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-266QQSKMJ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
359e90e2fa223359bdf0a7879b4038bd5f08685a2c605c951540ce7e460c52a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77124
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Feb 2024 15:47:34 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-266QQSKMJ6&cid=2108511129.1708184854&gtm=45je42e0v898312821za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=267862433
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
856f2b68ec173723
sub-or-dom.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 45B3
0
602 B
XHR
General
Full URL
https://sub-or-dom.com/cdn-cgi/challenge-platform/h/g/jsd/r/856f2b68ec173723
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHF4mt%2BWvuSKNKGsfIY36IMRKwZGUEhrsmqcIF7EMjbHc9jOPUwj0RNT3gPVj4edcrCXKNwsSjriHtRFoUc9TXcpOTgS4nYGA%2FF6p2DFj80ncDVtupWbB5oU503SzGjcttCYo8JhgEAPG0HS%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
856f2b6bed5e3644-FRA
alt-svc
h3=":443"; ma=86400
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=3478336&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e9ecc540a57d29aebf45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.140.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-140-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6e2ec6b1d2b8a7a7a5a0970fec5cf05e9b14a631d0354b70fa29c9ec52ba7d6d

Request headers

Referer
https://sub-or-dom.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 17 Feb 2024 15:47:34 GMT
content-length
56
vary
Origin
content-type
application/json
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11044889158/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11044889158/?random=1708184854437&cv=11&fst=1708184854437&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsub-or-dom.com%2F&hn=www.googleadservices.com&frm=0&tiba=BDSM%20Dating&npa=0&pscdl=noapi&auid=1413266291.1708184854&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11044889158&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cdf4140922761cd55a90140c5f4927537360d3c2033071345e49b6224381614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1278
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11044889158/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11044889158/?random=1708184854437&cv=11&fst=1708182000000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsub-or-dom.com%2F&frm=0&tiba=BDSM%20Dating&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_BCoYDb1Hx_e51iQZKbwm8bTYZNZohQ&random=930463266&rmt_tld=0&ipr=y
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11044889158/
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/11044889158/?random=1708184854437&cv=11&fst=1708182000000&bg=ffffff&guid=ON&async=1&gtm=45be42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsub-or-dom.com%2F&frm=0&tiba=BDSM%20Dating&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_BCoYDb1Hx_e51iQZKbwm8bTYZNZohQ&random=930463266&rmt_tld=1&ipr=y
Requested by
Host: sub-or-dom.com
URL: https://sub-or-dom.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 15:47:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bdsm2x.png
sub-or-dom.com/images/
813 KB
814 KB
Image
General
Full URL
https://sub-or-dom.com/images/bdsm2x.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a830 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6c91bdb8a4264a6e89506afc43911fe34657dff3cc4ea03db3d61e2c26d42cbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sub-or-dom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 15:47:37 GMT
cf-cache-status
MISS
last-modified
Thu, 07 Dec 2023 15:49:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c0c4a602529da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8k1nv8u2m7horTgEzlUnHlHnecYQD3ND0Sc8NHYmx%2B7WE6ymbTBdQt4mTuHORsfNng1S6vVwhFXS33SdC1xXSL7xaTtfpoVfTdXYYAR5RUHin6553D7X8bzlqWALQ8RHDFcHb%2BbvsuLE7G6XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
856f2b7e9dde3644-FRA
alt-svc
h3=":443"; ma=86400
content-length
832645

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| WebFont function| gtag object| dataLayer function| hj object| _hjSettings function| $ function| jQuery function| tram object| Webflow function| setPopupCookie function| getPopupCookie object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager object| google_tag_data object| gaGlobal object| GooglebQhCsO

8 Cookies

Domain/Path Name / Value
sub-or-dom.com/ Name: hubp-lander
Value: 2b0cfb5bf8ccc5d1caa9774ee7dc515c
.sub-or-dom.com/ Name: _ga_266QQSKMJ6
Value: GS1.1.1708184854.1.0.1708184854.60.0.0
.sub-or-dom.com/ Name: _ga
Value: GA1.1.2108511129.1708184854
.sub-or-dom.com/ Name: _hjSessionUser_3478336
Value: eyJpZCI6Ijg3ZWJjYmQ5LTE4YmMtNTIwMi1iYzgxLTUxNzZmODExYjU0MSIsImNyZWF0ZWQiOjE3MDgxODQ4NTQ0MDcsImV4aXN0aW5nIjp0cnVlfQ==
.sub-or-dom.com/ Name: _hjSession_3478336
Value: eyJpZCI6IjUyOTgzZjg5LTg0OGItNGJhZi05NmIyLTc1MDMwYWQ0OWIzMyIsImMiOjE3MDgxODQ4NTQ0MDgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.sub-or-dom.com/ Name: cf_clearance
Value: yHvq9ui9.jnl7xWIkgCebi4I3VHi_es4a_5VInuG1Ew-1708184854-1.0-AUxk9u3HKWlGk+DC1lGQ9mxgGZONY77C22ISTjasTXNrtxZ4ZDrPkHbt4m3tYAtavLBCiu1jRGMGyeZiHqISXuE=
.sub-or-dom.com/ Name: _gcl_au
Value: 1.1.1413266291.1708184854
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
rendering warning URL: https://sub-or-dom.com/
Message:
Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
network error URL: https://sub-or-dom.com/images/Quotes-1_1Quotes-1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://sub-or-dom.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
