downfscr.xyz Open in urlscan Pro
2606:4700:3037::ac43:cd20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://downfscr.xyz/
Submission: On March 13 via manual (March 13th 2023, 12:52:16 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 21 domains to perform 99 HTTP transactions. The main IP is 2606:4700:3037::ac43:cd20, located in United States and belongs to CLOUDFLARENET, US. The main domain is downfscr.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 28th 2023. Valid for: a year.

This is the only time downfscr.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3037::ac43:cd20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	23.109.87.203 23.109.87.203	7979 (SERVERS-COM) (SERVERS-COM)
23	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::ac43:bd78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eb94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	172.255.6.212 172.255.6.212	7979 (SERVERS-COM) (SERVERS-COM)
2	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
7	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 23	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
5 10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	174.137.133.18 174.137.133.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	130.211.31.231 130.211.31.231	15169 (GOOGLE) (GOOGLE)
3	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:6b8::346 2a02:6b8::346	208722 (GLOBAL_DC) (GLOBAL_DC)
99	21

5 2606:4700:3037::ac43:cd20 (United States)

ASN13335 (CLOUDFLARENET, US)

downfscr.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

profitablegatetocontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.109.87.203 (Netherlands)

ASN7979 (SERVERS-COM, US)

bleokerrie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

shavetape.cash	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.adforcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:bd78 (United States)

ASN13335 (CLOUDFLARENET, US)

superonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb94 (United States)

ASN13335 (CLOUDFLARENET, US)

thumb.tapecontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.255.6.212 (Netherlands)

ASN7979 (SERVERS-COM, US)

aa.samaniclucked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

arsnivyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3120::3 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

zimpolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8e31 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 174.137.133.18 (United States)

ASN27257 (WEBAIR-INTERNET, US)

xml.popmonetizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.31.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.31.211.130.bc.googleusercontent.com

discovernative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

lazypeacefullyutterly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::346 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

adfstat.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	6 KB
18	shavetape.cash shavetape.cash	372 KB
10	zimpolo.com 5 redirects zimpolo.com — Cisco Umbrella Rank: 124809	5 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	410 KB
6	yandex.ru mc.yandex.ru — Cisco Umbrella Rank: 3749 adfstat.yandex.ru — Cisco Umbrella Rank: 26139	364 KB
5	popmonetizer.net xml.popmonetizer.net — Cisco Umbrella Rank: 136725	825 B
5	adforcast.com a.adforcast.com — Cisco Umbrella Rank: 153683	3 KB
5	samaniclucked.com aa.samaniclucked.com — Cisco Umbrella Rank: 176180
5	downfscr.xyz downfscr.xyz	41 KB
3	lazypeacefullyutterly.com lazypeacefullyutterly.com — Cisco Umbrella Rank: 381923
3	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
2	arsnivyr.com arsnivyr.com — Cisco Umbrella Rank: 127863	305 B
2	superonclick.com superonclick.com — Cisco Umbrella Rank: 267795	6 KB
1	discovernative.com discovernative.com — Cisco Umbrella Rank: 330197	103 B
1	ufpcdn.com ufpcdn.com — Cisco Umbrella Rank: 193671	1 KB
1	tapecontent.net thumb.tapecontent.net — Cisco Umbrella Rank: 151288	286 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	5 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	48 KB
1	bleokerrie.com bleokerrie.com	1 KB
1	profitablegatetocontent.com profitablegatetocontent.com — Cisco Umbrella Rank: 156313
0	acertb.com Failed xml.acertb.com Failed
99	21

	Domain	Requested by
18	mc.yandex.com	1 redirects shavetape.cash mc.yandex.ru
18	shavetape.cash	downfscr.xyz shavetape.cash
10	zimpolo.com	5 redirects shavetape.cash
7	www.gstatic.com	shavetape.cash www.google.com www.gstatic.com
5	xml.popmonetizer.net	shavetape.cash
5	a.adforcast.com	shavetape.cash
5	mc.yandex.ru	shavetape.cash
5	aa.samaniclucked.com	shavetape.cash
5	downfscr.xyz	downfscr.xyz
3	lazypeacefullyutterly.com	shavetape.cash
3	www.google.com	shavetape.cash www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
2	arsnivyr.com	shavetape.cash
2	superonclick.com	downfscr.xyz
1	adfstat.yandex.ru
1	discovernative.com	downfscr.xyz
1	ufpcdn.com	superonclick.com
1	thumb.tapecontent.net	shavetape.cash
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pagead2.googlesyndication.com	downfscr.xyz
1	bleokerrie.com	downfscr.xyz
1	profitablegatetocontent.com	downfscr.xyz
0	xml.acertb.com Failed	shavetape.cash
99	23

This site contains links to these domains. Also see Links.

Domain
discovernative.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-28` - `2024-01-28`	a year	crt.sh
profitablegatetocontent.com R3	`2023-02-28` - `2023-05-29`	3 months	crt.sh
bleokerrie.com R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
*.shavetape.cash GTS CA 1P5	`2023-03-01` - `2023-05-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
aa.samaniclucked.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
arsnivyr.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.zimpolo.com GTS CA 1P5	`2023-03-05` - `2023-06-03`	3 months	crt.sh
*.adforcast.com GTS CA 1P5	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.popmonetizer.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
discovernative.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-30` - `2024-01-30`	a year	crt.sh
lazypeacefullyutterly.com R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
adfstat.yandex.ru GlobalSign RSA OV SSL CA 2018	`2023-02-15` - `2023-08-15`	6 months	crt.sh

This page contains 16 frames:

Primary Page: https://downfscr.xyz/
Frame ID: A25F589276C77B1C81D0B9127FD98D0F
Requests: 11 HTTP requests in this frame

Frame: https://shavetape.cash/blocked
Frame ID: F3855FF9A1F64DE2A9A695B0F547697E
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: 516143D2708498AC0F443B439C223705
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: 8BDF100CB49EFF8C0C11C54750CBF903
Requests: 2 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
Frame ID: 2EF3048C08BBAF73BB5724113A60E04E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=6gsx1g7nrr9e
Frame ID: 420B63F8C3E03E86DA6A94ED5D85D47C
Requests: 7 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 2126BCC7B30488C5F744D63FB646A91F
Requests: 1 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: 6A697BA7B4AAD5A241CD2377D6413EF8
Requests: 2 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
Frame ID: 4E2E77569914282F4DB6D96F1D7721E9
Requests: 2 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: C410E62DF0BFBE5A49A6E0BA119572C5
Requests: 2 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
Frame ID: 530C62D0E7F30E3C778765C087176905
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 884BC1DD650736E5B7739BE874C73DDB
Requests: 2 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: 2CCD86DC079002268DB0DC7E930A9153
Requests: 2 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
Frame ID: D5EA33A463BC78889163B1732555CDCA
Requests: 2 HTTP requests in this frame

Frame: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Frame ID: EF62941D184EE22EF93F034EDC18D103
Requests: 2 HTTP requests in this frame

Frame: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935
Frame ID: 64F93BE057FDC2C324848EC2916CE9D7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dochetel… embed source streamtape | Embed Videos Online Free

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

92 %
HTTPS

65 %
IPv6

21
Domains

23
Subdomains

21
IPs

5
Countries

1573 kB
Transfer

3883 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discovernative.com/al/visit.php?al=1,7

Search URL Search Domain Scan URL

URL: https://discovernative.com/al/visit.php?al=1,4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 30

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Request Chain 37

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711931%3Ac%3A1%3Arn%3A765949495%3Arqn%3A1%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A24%2C36%2C81%2C3%2C0%2C0%2C%2C182%2C0%2C%2C%2C%2C328%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711930769%3Arqnl%3A1%3Ast%3A1678711931%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711931%3Ac%3A1%3Arn%3A765949495%3Arqn%3A1%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A24%2C36%2C81%2C3%2C0%2C0%2C%2C182%2C0%2C%2C%2C%2C328%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711930769%3Arqnl%3A1%3Ast%3A1678711931%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 53

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 54

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Request Chain 65

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Request Chain 66

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 80

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Request Chain 81

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 92

https://zimpolo.com/load HTTP 302
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

Request Chain 94

https://a.adforcast.com/load HTTP 302
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

99 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
downfscr.xyz/ 18 KB
5 KB 98ms
47ms Document
text/html 2606:4700:3037::ac43:cd20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d44ef14afa78a35daf3b5ee628e5d27f2487e8276e0ee5ff25cd9d7859dc5518

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a74699edf379012-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:10 GMT
link: <https://downfscr.xyz/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPAL45tcaKDJN7uZ87gHoyacxFHRzMWoNFrnYjCvZ5R46Q8OGgL5lXV8W7h8IkZD01hbz9U%2FJL2vcMphEJXrzaY9X3zM62IBUAy8zMBOa6o8ODCTgQeVIGgSLpTRz5GGTMBhiPylcXFpqA0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
downfscr.xyz/wp-includes/css/dist/block-library/ 93 KB
13 KB 17ms
15ms Stylesheet
text/css 2606:4700:3037::ac43:cd20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downfscr.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 05:52:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 184142
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DZYvpCeY1dFODNzfze9q39RTRp%2FBhS7AX93e152vAJJpmQvZVYttD9ruo6wn%2FlEUzo7KLhnRE0v7N3UIwAU%2B63yI3LWZcMqiG4FE8r5HFTj8FLyIVYFofYB58AKdMaWo3ijIARmaK9iDqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7a74699f2fa39012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Mar 2023 09:43:08 GMT

GET
H2 200 classic-themes.min.css
downfscr.xyz/wp-includes/css/ 217 B
519 B 15ms
13ms Stylesheet
text/css 2606:4700:3037::ac43:cd20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downfscr.xyz/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 05:52:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 178838
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnTo001qEp%2F9ZE6sQuZZkJCIl%2F%2FPkziuiQscWTp5zi3r8JRbHkTXKpQTophubAPwwrm2EwDLFbAA%2BWAiF1Ofl3HY2F3ahi2bbz0VsL%2B6XzkRXfrsOF5x1fhUex7wi8kwLGqw6DTFIRFhiWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7a74699f2fa49012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Mar 2023 11:11:32 GMT

GET
H2 200 style.css
downfscr.xyz/wp-content/themes/ivideo/ 2 KB
1 KB 16ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:cd20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8ee788393557979384e776bccdcdfbb23a33791516151e87e74d25ce6563837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Jan 2023 05:58:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 184141
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnbneiAU1mroNS5rwRiKK6wPVWocKGi8uEY1wI0WrxIRBddSgZRSKulX49Ejnf8Y9kVCmUrTYaHBgjgoPif8oax5nX0eR66tvVLhB0SKts7bbYxJvb0x2NxFeMWsrh1lxxi41Yx4RLzOPag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7a74699f2fa59012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Mar 2023 09:43:09 GMT

GET
H/1.1 403
Forbidden 68881dd8b72caf0194422455d0b10d44.js
profitablegatetocontent.com/68/88/1d/ 0
0 834ms
103ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://profitablegatetocontent.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:52:11 GMT
Server: nginx/1.17.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 51454 Show response
bleokerrie.com/rjAjyTYF48fZsN/ 0
1 KB 204ms
31ms Script
application/javascript 23.109.87.203
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://bleokerrie.com/rjAjyTYF48fZsN/51454

Requested by

Host: downfscr.xyz
URL: https://downfscr.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

23.109.87.203 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:52:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Server: nginx
Transfer-Encoding: chunked
Access-Control-Max-Age: 600
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: https://downfscr.xyz
Access-Control-Allow-Methods: GET, POST, OPTIONS
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for

GET
H2 200 BLm4k90l2GsyA16 Show response
shavetape.cash/e/ Frame F385 120 KB
33 KB 142ms
81ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0398eaa88b89d56f770c9e4f966a90d1f82bbb5d189924221a06abc8f998bf5b

Request headers

Referer: https://downfscr.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7a74699fbe9d9b86-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBaPg4Bu5vqaYPj8tYEWjGP1G%2BDmjMKPj7zYhXDtdDLMZ3%2Bi6P0jrafjAKZzXzEz2I%2FH5l20JyK%2F%2FAp8jnjjMXU0D23nD6DQt343%2FBL%2BubE2mRE19IpCjlqbXoBuNjg0g8yAYsntYHIxLsCktA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 117ms
90ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: downfscr.xyz
URL: https://downfscr.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43ec6dbbed2b57cd87d18d357e6446b51fa5a34b410d99f09624bce2e6ea43a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48557
x-xss-protection: 0
server: cafe
etag: 11175980167357222355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Mar 2023 12:52:10 GMT

GET
H3 200 white_sand.png
downfscr.xyz/wp-content/themes/ivideo/images/ 21 KB
22 KB 17ms
17ms Image
image/png 2606:4700:3037::ac43:cd20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downfscr.xyz/wp-content/themes/ivideo/images/white_sand.png
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/wp-content/themes/ivideo/style.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 439437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21591
last-modified: Mon, 20 Jul 2015 14:56:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRQygT9TMYbuJPmMH39U%2BW3VAUZkn4GF7RemTfgeLejSHFXKkskXQy6FEhzBLaj46PLs%2F0mt717VMNBKgTwqMj0CqmgvVehz7K6Kn8n%2BOlLej84Jr4bzDUduWRCUSICn19w%2B8IH%2B5lh7zEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7a74699f5fb135fc-FRA
expires: Wed, 15 Mar 2023 10:48:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame 5161 10 KB
5 KB 33ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downfscr.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10675
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:54:15 GMT
etag: 2378337311435320485
expires: Mon, 27 Mar 2023 09:54:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 native_render.js Show response
superonclick.com/script/ 4 KB
2 KB 40ms
16ms Script
application/javascript 2606:4700:3037::ac43:bd78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_render.js
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1486
x-guploader-uploadid: ADPycdv2f4RJwFvEiVIjn6Vhy_M___Kqkd95wPk7zCqR5TbArinPAQ_KklzsJU9vK8bsyybFJKDwxBwisT49n8RKpGQ-kg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:50 GMT
server: cloudflare
etag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
vary: Accept-Encoding
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-generation: 1550052950916101
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBkSmzjI%2Fm9Dj0mwTJpyMAEyWQBFev6rLu26wIX0pnTbKTJtL2aMjx1z%2BlrBCRHb9wTcM%2BJMWco1q4iNiRLBz2K%2BsoBKih5HdaxqejXzGxyGp%2Bm5WqpYkgcrRR34cjgBU9N7xV37jc8YgY0TtRks"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 4285
cf-ray: 7a7469a08d3e929b-FRA
expires: Mon, 13 Mar 2023 13:24:50 GMT

GET
H2 200 native_server.js Show response
superonclick.com/script/ 9 KB
3 KB 41ms
17ms Script
application/javascript 2606:4700:3037::ac43:bd78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://superonclick.com/script/native_server.js
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bd78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 774
x-guploader-uploadid: ADPycdtabBUYD2uv6NOmtFFwZ5-z7N-JAOQKfuQeRCPHfTO6GQqRU48bgdZq8eqqer5JnWjDTq5mSFDtPMp-TUyLWj4mNIh9iMUE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Feb 2019 10:15:52 GMT
server: cloudflare
etag: W/"51d87e9ebd831fccab6a016079a60793"
vary: Accept-Encoding
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-generation: 1550052952705094
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQjTxNEpS51sxusg097Vbcxc0eyhrBOT%2FPPBgsKntJYPMq15zwikKjfwX%2B7WyjGu0pPooOrbmiVH%2FcfN20yt84wRS0RMrsuydpdtMv%2B%2B2%2FbfhHSIQlGEoERLtGGdjRjfZR4MbxQWD66dXDwJcJTQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9260
cf-ray: 7a7469a08d41929b-FRA
expires: Mon, 13 Mar 2023 12:45:58 GMT

GET
H2 200 ad.js Show response
shavetape.cash/ Frame F385 20 B
321 B 25ms
22ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/ad.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 16:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3382
etag: "5fc3cb55-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMSDGRaev76ZrpNLM8mzbDx1605e1jgkTxYjlrEhTR3zhkzvzYSS3poLeEDQEFwwxXEksUfRFlLEDc99OlnyzGXw2erw39PB3OYTghIGUi4rd3qffr7FbtzuDnrOZ4j9Sex0t2RKvqOVsu0eAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a7469a08fad9b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20

GET
H2 200 jquery.min.js Show response
shavetape.cash/js/ Frame F385 86 KB
31 KB 23ms
20ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 16:24:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3382
etag: W/"5fc3cb55-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mt1TPeE7fj8wgY%2BVbMI8JacPaY9oACCsFw1Tiigd4syDPSygO%2BKEBw1GqcgYQW8mgLFqEnw%2BqRQM%2Bh3bQsFc4MIcLTAzwSAmhjEHAJK4etpiwuWQXD5ZeX9aDUX%2FZixjpJtegmtVMfPtCP%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469a08faf9b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 player.ec3b7d.css
shavetape.cash/scss/ Frame F385 31 KB
6 KB 22ms
20ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/scss/player.ec3b7d.css
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25030a9d025c1e8c6d1bc7a95152b7265ef6eade6ed5d568b4631b828dc5e0db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 12 Mar 2022 01:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 506
etag: W/"622bf685-7b0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BcmZ4WJU5%2B46qP0gryJSckhxXyu5UndC19X0HlxxuzCLXQ4x6KkqOtFAqqbiJKvP5ZD53eMxq9LFFExMNMODhn24RRdSJ8IZ9ImKxTDLJ%2BygXrh2vCwaPbzSg6OC5cye5jYiJMxCeIuCUAxgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=259200
cf-ray: 7a7469a08fab9b86-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 LOJ9Gp417JURzkx.jpg
thumb.tapecontent.net/thumb/BLm4k90l2GsyA16/ Frame F385 285 KB
286 KB 84ms
26ms Image
image/jpeg 2606:4700:3038::6815:eb94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.tapecontent.net/thumb/BLm4k90l2GsyA16/LOJ9Gp417JURzkx.jpg
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2ea1a0f53dfd5ffae5cf43b3d6fd75f1f3666ec64a4927a412c75cc62f0603

Request headers

Referer: https://shavetape.cash/
Origin: https://shavetape.cash
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20985
content-disposition: inline; filename="LOJ9Gp417JURzkx.jpg"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 291486
last-modified: Mon, 13 Mar 2023 04:16:38 GMT
server: cloudflare
etag: 9fdc8486ae13
allow: OPTIONS, GET, HEAD, POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xjo8VmoHpUVOqgrXfra3tdO1yyJBHLBtcmnxaWmp%2BQ7xU85akvcCK0z30hDGWQGnjGUC8BFA2jxGx7ji33hbFnUIs%2BidaMdRhaH3VYtB%2B2G892Wdj7PgfFDysMEgF1QQWqC5Uq21te2FoaQ8eEPW5Hc%2B%2BhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
cache-control: public, max-age=259200
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a7469a0ef272405-LHR
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
expires: Thu, 16 Mar 2023 04:16:46 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame F385 884 B
906 B 53ms
18ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35b07a9573a852abd2cf461bfc4644b1e77cd9c89b57f090ba8f8ac7f74d1c0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:52:11 GMT

GET
H/1.1 200
OK 58191 Show response
aa.samaniclucked.com/gsV9RVRXE38D9/ Frame F385 0
0 121ms
20ms Script
text/html 172.255.6.212
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.samaniclucked.com/gsV9RVRXE38D9/58191
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 1 Show response
arsnivyr.com/ Frame F385 0
153 B 71ms
13ms Script
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://arsnivyr.com/1?z=4670225
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
pragma: no-cache
date: Mon, 13 Mar 2023 12:52:11 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 player.ec3b7e.js Show response
shavetape.cash/js/ Frame F385 145 KB
41 KB 18ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/player.ec3b7e.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Feb 2021 09:32:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2044
etag: W/"601bbf3c-2423f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhrX1ok57SlvITpDoiI530z6GH8v1uIyXRSI1WuTVNBXA2A0JZBblSyJHP%2B5LhMA69DDCeMO4jZrRplFppV%2B85THMNtvaFeFSAIrurll6dqMxQuksT5%2BC2tzxLy4IxQGhosd2DsCYDke3T8FcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469a0d8122c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 player.svg
shavetape.cash/ Frame F385 5 KB
3 KB 14ms
14ms Other
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/player.svg
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/js/player.ec3b7e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Aug 2020 11:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2043
etag: W/"5f48e57d-15ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgtsN1Te1r%2FPNhpGExpYcWRV4dNYDtaTr5huXEWdXneIgSJINCReNYZV7lbotsYkMt28Ck%2FjX7GJDyHOyPqCTDFVMrGX82%2BOfCAPSqzzTW8v90tGEmuATJznIh0yZq1x73kegBzymY2r4HS2pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=259200
cf-ray: 7a7469a128712c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F385 4 KB
2 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/js/player.ec3b7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 12:52:11 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame F385 211 KB
73 KB 227ms
103ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 13 Mar 2023 13:52:11 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame F385 405 KB
162 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shavetape.cash/
Origin: https://shavetape.cash
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165509
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 12:04:54 GMT

GET
H2 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame 8BDF 239 B
614 B 70ms
36ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a18c252c39-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG7AuB0ZeMZ%2FFdC7QqsyIpwUsrDLm%2BqcdWP%2FfrqUPh17tIPZ3z60YHVdBf3hzNxZbQPdgOfIm1b%2FNyzJzHlS0ez52Mssi6CT6%2BqO2EarnNJkG00ZAf3RTlaisnJUAIPNQ%2BiLRzt%2BPQSljA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame 2EF3 233 B
611 B 105ms
60ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a198f92c46-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bwY3UzopK9xxW%2FW2xtdWE7XxTGYDTGXnn0oU1MVyeshsFh1ctq8hZiwgPAUT1aC9eCgQfWjZDAfhmcblyv5Cwlq9cGKG4sDR0or9Hex%2BmymQtywXjurhlczBKeOFF01Z%2BFlAYgSbnL0MZ1hKv8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame F385 35 KB
12 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Mon, 13 Mar 2023 12:52:11 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame F385 50 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 13 Mar 2023 20:11:49 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 420B 46 KB
26 KB 30ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=6gsx1g7nrr9e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c43373995a8fb72a1b63b7864dc92d0cb911ff749af22a48cbf30b202c24a78

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SZhE_6_zIrm8GdPvpwAc6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25690
content-security-policy: script-src 'report-sample' 'nonce-SZhE_6_zIrm8GdPvpwAc6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 12:52:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 identify.html Show response
ufpcdn.com/script/ Frame 2126 2 KB
1 KB 169ms
149ms Document
text/html 2606:4700:3037::ac43:8e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufpcdn.com/script/identify.html?frmt=0
Requested by: Host: superonclick.com
URL: https://superonclick.com/script/native_server.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Referer: https://downfscr.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a258bb3723-FRA
content-encoding: br
content-type: text/html
date: Mon, 13 Mar 2023 12:52:11 GMT
last-modified: Tue, 15 May 2018 06:39:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYvl5PnLZRF405r2ojDka95MvrGNLRp0%2BSB%2B5tfPEkiyAguQIZYmyiXhaQ6Og9J1Ztf08PD8PNOqWB2Cmcl97Oxvy7LygyHA7yFcyr3SlJbApd01fyrnQfjgifJFP9viGeUg2MUK%2F5HU"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 8BDF
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

289ms
90ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Mar 2023 12:52:11 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a24d1d2c39-FRA
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:11 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czkW4LDHpdUPISpTnmznUJsUmItEprT0CzjEQvW8rj3dI3IMf1honl2YQLzzVXXopNIDQjFuyFxxiBR5siSAF07VnSIHUbZpz56%2BmA5PezUHP90ispVAsM0vp%2F1MYpZALhpdhQ%2FZy0Hp%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET

redirect
xml.acertb.com/ Frame 2EF3
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 420B 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=6gsx1g7nrr9e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 08:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15096
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 08:40:35 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 420B 405 KB
162 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165509
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 12:04:54 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 420B 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 08:02:07 GMT
x-content-type-options: nosniff
age: 17404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 20 Mar 2023 08:02:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 420B 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:27:04 GMT
x-content-type-options: nosniff
age: 336307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 15:27:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 420B 15 KB
15 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 411807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:28:44 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 420B 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c47be0dbc8b8a0bd1ab27a7eb0f54af86ad21d8f0070dbceb0b36c47194dff54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs&co=aHR0cHM6Ly9zaGF2ZXRhcGUuY2FzaDo0NDM.&hl=de&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&cb=6gsx1g7nrr9e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 13 Mar 2023 12:52:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/61426822/ Frame F385
Redirect Chain

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4nc...
https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4...

447 B
530 B

53ms
52ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711931%3Ac%3A1%3Arn%3A765949495%3Arqn%3A1%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A24%2C36%2C81%2C3%2C0%2C0%2C%2C182%2C0%2C%2C%2C%2C328%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711930769%3Arqnl%3A1%3Ast%3A1678711931%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

104450103ee1e572db5a3029dbeccf319e898e95c93ae652bc218c1a7d38806f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:52:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:11 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:11 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&page-ref=https%3A%2F%2Fdownfscr.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A321%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711931%3Ac%3A1%3Arn%3A765949495%3Arqn%3A1%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A24%2C36%2C81%2C3%2C0%2C0%2C%2C182%2C0%2C%2C%2C%2C328%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711930769%3Arqnl%3A1%3Ast%3A1678711931%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:11 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame F385 43 B
113 B 56ms
52ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Mar 2023 13:52:11 GMT

GET
H2 204 native.php Show response
discovernative.com/script/ 0
103 B 248ms
127ms Script
text/plain 130.211.31.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://discovernative.com/script/native.php?nwpsv=1&r=4910187&cbrandom=0.3723831356700926&cbWidth=1600&cbHeight=1200&cbtitle=Dochetel%E2%80%A6%20embed%20source%20streamtape%20%7C%20Embed%20Videos%20Online%20Free&cbref=&cbdescription=&cbkeywords=&cbiframe=0&&callback=jsonp147199
Requested by: Host: downfscr.xyz
URL: https://downfscr.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.31.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.31.211.130.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://downfscr.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Mar 2023 12:52:11 GMT
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
187 B 56ms
56ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&charset=utf-8&hittoken=1678711931_73332ffe33d897457b8a6cadaf99b55a322dbbe31c19713ec5f9ab36a5596ef3&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711932%3Ac%3A1%3Arn%3A891402667%3Arqn%3A2%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711930769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711932%3At%3AStreamtape.com&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)lt(6300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:11 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:11 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
75 B 62ms
61ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&charset=utf-8&hittoken=1678711931_73332ffe33d897457b8a6cadaf99b55a322dbbe31c19713ec5f9ab36a5596ef3&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A875038937%3Az%3A0%3Ai%3A20230313125211%3Aet%3A1678711932%3Ac%3A1%3Arn%3A802553999%3Arqn%3A3%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C825%2C825%2C1%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678711930769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711932%3At%3AStreamtape.com&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(3)lt(6300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:11 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:11 GMT

GET blocked
shavetape.cash/ Frame F385 0
0

GET
H3 200 blocked Show response
shavetape.cash/ Frame F385 115 KB
32 KB 36ms
35ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/blocked
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/e/BLm4k90l2GsyA16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6495d9ddd2bd445b562f41aa96a50a7d4a51120925286ec72a73d83847520b36

Request headers

Referer: https://shavetape.cash/e/BLm4k90l2GsyA16
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7a7469a708fc2c46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iri9m5K040bbMlGccWvBUXTA3%2Fid1DOJIxPxVkKxYU4HmzKhzKDhiusFvU8Nnt8i0hVbN%2B5Csdehidc%2FT40pTojuDxSf9eIhqkc%2FGEYYzKt7OHpgHfpEzGafz29PLboq7w%2FoGwmhG1Qp8FIJgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
shavetape.cash/js/ Frame F385 86 KB
31 KB 21ms
20ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3423
etag: W/"5fd64104-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OREbPYpKHav1PTscbNuCkqlIdg5U5ghYLv1v5PBRaAFSXGoamhNi4ybfFC2sMqoTVvp3199iIkoIfy0PRXrOuOiWZfZ2Wt99W7JuZR2fINUMzSXVXeQKLIV1zyjS2GQIzaTXAfoSqFethSc7AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469a7595e2c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ad.js Show response
shavetape.cash/ Frame F385 20 B
532 B 14ms
13ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/ad.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:12 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1068
etag: "5fd64104-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV3IUKQ52nsiMY2jpj2PmruWg%2B9CeGWK5BHP6sPeE2coARMsNewC7x%2BrbceDySNk%2FYCoHcqdhri7VYik43agIrlKQ4DhDbld%2B%2BFNys1Wsj77zlGoWdKLOqnUFcTPWddRG4aclmBIfIn%2FjpNInA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a7469a7595f2c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20

GET
H/1.1 200
OK 58191 Show response
aa.samaniclucked.com/gsV9RVRXE38D9/ Frame F385 0
0 41ms
14ms Script
text/html 172.255.6.212
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.samaniclucked.com/gsV9RVRXE38D9/58191
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden a643d84dff3acdde43da1bbe7a14fd9b.js
lazypeacefullyutterly.com/a6/43/d8/ Frame F385 0
0 297ms
96ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:52:12 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame F385 211 KB
72 KB 55ms
55ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 13 Mar 2023 13:52:12 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 439 B
523 B 61ms
61ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fblocked&page-ref=https%3A%2F%2Fshavetape.cash%2Fe%2FBLm4k90l2GsyA16&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A97%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A803296051%3Az%3A0%3Ai%3A20230313125212%3Aet%3A1678711932%3Ac%3A1%3Arn%3A452438520%3Arqn%3A4%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C36%2C6%2C1%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711931998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711932%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

67ad5ea660b529f464d865e2c8400d2af98139647f094556a004b5e1c9ca0436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:52:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:12 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
74 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox_bl&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711932_a1b0256688ef8c6b55e5af6905603bc5cee9d11c1fbf40642196ae0ada96d970&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A803296051%3Az%3A0%3Ai%3A20230313125212%3Aet%3A1678711932%3Ac%3A1%3Arn%3A765620211%3Arqn%3A5%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711931998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711932%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:12 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:12 GMT

GET
H3 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame 6A69 239 B
599 B 39ms
38ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a9394039da-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwEFHADv5VHoJGTaAsFV6ROW8SkmMhqdrueKxyzHytMm2xsCT5ypZ0qRjJkmDxFefGPLs%2Fn%2BBizEf46Zz040JuTu8CFp73CgLBf5J9XQQeC%2BbXAmIMCKfcn3wg2R6jPCYr577sZ7g0lliA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame 4E2E 233 B
603 B 64ms
63ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a93d409b82-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek2Kx23ywwT9jAJa%2ByeViB%2BikCIUmP%2F%2BsqT3aL1jRwoyby14QfxQOK42%2BM%2Fh4KYtS2%2BUH9G8felcuOaxO1h0eD%2FL5krrrO77Y893%2FNhp%2FoFN4Yk1C2%2F0qHTcHNYV4LwqhX2qdMROqiugx891yrI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 6A69
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

89ms
89ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Mar 2023 12:52:12 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469a9899239da-FRA
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:12 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m37G0hVwW%2B2f8k9O6UePvdeBkNCLOeFuXDyYdAiqnZV0fboLAevVQLKNdHMP%2FFEjitITdY4AT3KsZ%2Fe39o79sJYMeqeoM5TZwoM0y8JPqWuRr7ixKqxEvlbFtfliewgUqMduNFAapFENLw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET

redirect
xml.acertb.com/ Frame 4E2E
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

0
0

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
74 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711932_a1b0256688ef8c6b55e5af6905603bc5cee9d11c1fbf40642196ae0ada96d970&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A803296051%3Az%3A0%3Ai%3A20230313125212%3Aet%3A1678711933%3Ac%3A1%3Arn%3A974835097%3Arqn%3A6%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C311%2C0%2C%2C%2C%2C354%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678711931998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711933%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(3)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:12 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:12 GMT

GET
H3 200 blocked Show response
shavetape.cash/ Frame F385 115 KB
32 KB 57ms
56ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/blocked
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbb9e51e4cfd6ff0dfcfce6c873224aac6f3cdf8d084e69f2f9a9e4badde548

Request headers

Referer: https://shavetape.cash/blocked
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7a7469ad392c2c46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yV2w13gxNqfyx3xgB5ErtxdziNjHfXc6nLuD5TCgmYfuoa1TRDkfYcdT1jiY183Kv3Ned7%2BpY6L0PJfU9v%2FK7K1VXUoh1mVYxWOgJQV70JdelupnmNNl6bj%2FGvz0DPM%2FaHRVwTAnBwMKWTXZww%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
shavetape.cash/js/ Frame F385 86 KB
31 KB 16ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3424
etag: W/"5fd64104-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnikqvG6tm%2FS%2FgppRvSNkjmM38SLRAvTkXYdIUG9CKWaPTMGBn0V6RpmbBUSRkA00lD01cD%2Byc8NQIn6jjX9vGaSWXS36Mk%2Ft0AEheH2uj3B9hQanRhr3Fl4w8ucmj4N%2FXDJ6zc4hbJ2bxsb3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469ada9a82c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ad.js Show response
shavetape.cash/ Frame F385 20 B
536 B 14ms
13ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/ad.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:13 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1069
etag: "5fd64104-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWLCg8D7ZBCyXtdD4%2B6RFkWRqnp4WtsV6nypXrqitFkvW%2B3jaTdQoO1kS%2B%2B%2FFPmjl32zmhDLYbssvWY3KWp1%2BY4a3jeUb9xrDjHZuYzrTBxrX2eI9Zn1AFmBLGmhM9nxeLFFI5Nm1xjgaK%2Bfxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a7469ada9aa2c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20

GET
H/1.1 200
OK 58191 Show response
aa.samaniclucked.com/gsV9RVRXE38D9/ Frame F385 0
0 41ms
14ms Script
text/html 172.255.6.212
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.samaniclucked.com/gsV9RVRXE38D9/58191
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden a643d84dff3acdde43da1bbe7a14fd9b.js
lazypeacefullyutterly.com/a6/43/d8/ Frame F385 0
0 96ms
95ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:52:13 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame F385 219 KB
75 KB 53ms
53ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a085a2d615369a0e582f00d45fdb0dfa425579658d726294686de24d7aa3bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-12c4e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 76878
expires: Mon, 13 Mar 2023 13:52:13 GMT

GET
H3 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame C410 239 B
561 B 38ms
37ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469ae4a1c39da-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTBYVkaZlVHtpHIDEFNQ9EYip5GNAz7pYHuHpKIYJe3UE0mRbg4Xbf9%2FlP2kbjIoOeAoTu0MITStVtuj5ztlg6EkXupOSNv62T6xLP4eSbdsrLfrMBBx9uGrbntdmsV5hBARoJXcpJ0J%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame 530C 233 B
563 B 36ms
35ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469ae4cea9b82-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbpFqT2e%2FkrdrukGk0DXylKCeuNxiRR94vPL1nXmmursG2xY5YzJI4y8Crxk6nFP%2B%2FfRyexyJcWxeETYpOWMKMaTDQ6Gz%2FjLIdceYGUPw5Bb%2FV4WxHUOdLo%2F7LyTm7HiYhuGL6tJ2bENJalrXVg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 439 B
518 B 62ms
61ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&browser-info=pv%3A1%3Avf%3A1l9q8t2xwu9apk6vq4sn3b%3Afp%3A106%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A982%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A182354515%3Az%3A0%3Ai%3A20230313125213%3Aet%3A1678711933%3Ac%3A1%3Arn%3A1045171906%3Arqn%3A7%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C57%2C2%2C0%2C0%2C%2C111%2C0%2C%2C%2C%2C171%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711932993%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711933%3At%3A&t=gdpr(14)clc(0-0-0)mtb(0)rqnt(1)aw(1)pe(1)cs(1)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4aae12a5357524d482c0087a5032bb8f42d6b60b238ac5a89a7bcb93779d6698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:52:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:13 GMT

GET

redirect
xml.acertb.com/ Frame 530C
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

0
0

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame C410
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

132ms
131ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Mar 2023 12:52:13 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469aeeb3839da-FRA
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:13 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baiJjtVXGYYzUbY%2FBCuhy8d7cWggx6IpKlG0DEA%2FIMnfNOEcBaxWgH6QrpJkz29jlV7A1KtIXYjwhSLhgI8IOhI3GgPH4ENTQNUlJT6OS1645DzTQGVK75zx6HfNdJMoANysYO486rDrgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 61426822
mc.yandex.com/watch/ Frame F385 43 B
74 B 54ms
53ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox_bl&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711933_24c090b91f14e716fe75126dfa8ad4ef64d1313a0180b85d18da91abccd3b92d&browser-info=ar%3A1%3Avf%3A1l9q8t2xwu9apk6vq4sn3b%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A982%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A182354515%3Az%3A0%3Ai%3A20230313125213%3Aet%3A1678711933%3Ac%3A1%3Arn%3A80395934%3Arqn%3A8%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711932993%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711933%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)mtb(0)rqnt(2)aw(1)pe(1)cs(112)efid(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:13 GMT

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 884B 2 KB
1 KB 53ms
53ms Document
text/html 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8a709796e01e5a95222fc0b9b7eec897327e421a12311660d330a65bc818ee41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 696
content-type: text/html
date: Mon, 13 Mar 2023 12:52:13 GMT
etag: "6406e24d-2b8"
expires: Mon, 13 Mar 2023 13:52:13 GMT
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK metrica
adfstat.yandex.ru/ Frame 884B 0
0 174ms
58ms Image
application/json 2a02:6b8::346
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adfstat.yandex.ru/metrica?id=182354515
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::346 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

POST
H2 200 61426822
mc.yandex.com/watch/ Frame F385 43 B
77 B 61ms
60ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711933_24c090b91f14e716fe75126dfa8ad4ef64d1313a0180b85d18da91abccd3b92d&browser-info=ar%3A1%3Avf%3A1l9q8t2xwu9apk6vq4sn3b%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A982%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A182354515%3Az%3A0%3Ai%3A20230313125213%3Aet%3A1678711934%3Ac%3A1%3Arn%3A457596928%3Arqn%3A9%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C447%2C448%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678711932993%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711934%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)mtb(0)rqnt(3)aw(1)pe(1)cs(11212)efid(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:13 GMT

GET
H3 200 blocked Show response
shavetape.cash/ Frame F385 115 KB
32 KB 58ms
58ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/blocked
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227c95a796b283a976209cb04843bf0fef1fde0555e1b82558da2d45696c1e79

Request headers

Referer: https://shavetape.cash/blocked
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7a7469b38a302c46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jnXnEU9iijiGGne5pvVT0nf97wdUYC%2FrlMPTpOlVeZDXsXsBefBuqT34xKnMwUPwKd1HjgxVBkbyXcRNSmUH03a0AoHsz8ZrafrgPJ%2BQRVAhefH91jtCmG%2Fj7oodaSd%2FerXUvIRyNbGCEBU%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
shavetape.cash/js/ Frame F385 86 KB
31 KB 22ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3425
etag: W/"5fd64104-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g34YKbv2rllT32w3MCO6%2BDfl4sJUsy1QshPNzcebTuTrAAMx4VelRTqygMJSt555oP3j%2BTX1WdIT2RXu2J9fVGAnBRDTeAkn263g%2Bq87WzkCJbvojfZpH4mWtXmLUMweglNiWtQV39cIU4qzgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469b3fad32c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ad.js Show response
shavetape.cash/ Frame F385 20 B
530 B 18ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/ad.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:14 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1070
etag: "5fd64104-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PupZ17ZQesenZqU%2B1oB1gu%2BT1ga%2BWBB0IkVEeCF2gVamgtmIgtBz%2BDNYmCg0koSH3fQ6YWP6W0TXT9Wt50Ok6ugUPNaYVKVgj0oUnNzmEzTs4nckbV2GsQpfS6EE72Hq0YioDJIi9E4nRxQMvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a7469b3fad52c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20

GET
H/1.1 200
OK 58191 Show response
aa.samaniclucked.com/gsV9RVRXE38D9/ Frame F385 0
0 43ms
15ms Script
text/html 172.255.6.212
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.samaniclucked.com/gsV9RVRXE38D9/58191
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden a643d84dff3acdde43da1bbe7a14fd9b.js
lazypeacefullyutterly.com/a6/43/d8/ Frame F385 0
0 103ms
102ms Script
application/javascript 173.233.137.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.44 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 12:52:14 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame F385 211 KB
72 KB 55ms
55ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 13 Mar 2023 13:52:14 GMT

GET
H3 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame 2CCD 239 B
567 B 40ms
40ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469b4ab7b39da-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XijSTuRHu0KofmqiL618yjOXruE2hcPiZcf8opMAtwmcf7%2BD36cqSA1c1fovsej4RWdEc%2Fc%2FhsOUBQE%2Bt8KdbWG%2BJLgI%2B9CwhKVoOdnLk%2FZtWx4PVeMuVGuxOYvNdj1SHgFdEOMbZ1ZCYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame D5EA 233 B
558 B 38ms
38ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469b4adef9b82-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecZFTExDOMqvwFLRbnYyE%2BaxO5e2M7STbuv2wfoUc0x8PWSqVTHukDnmJnlnt3%2BuAZu42JgNDPCPOuTIAmyI9MQaxD5M3MALoLzoS8oWDGw45sX0B8S83TGQ6OVQM20G7Zc5JLK0ggcnRB1%2BMLA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 439 B
519 B 56ms
55ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A120%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A341907196%3Az%3A0%3Ai%3A20230313125214%3Aet%3A1678711934%3Ac%3A1%3Arn%3A1039555210%3Arqn%3A10%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C58%2C2%2C0%2C0%2C%2C123%2C0%2C%2C%2C%2C184%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711933998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711934%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a76c10f89acc90bed79ad874524234e565b79a250c53abd0afc62221fb6603ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:52:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:14 GMT

GET

redirect
xml.acertb.com/ Frame D5EA
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

0
0

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame 2CCD
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

93ms
92ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Mar 2023 12:52:14 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469b51c2e39da-FRA
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:14 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onQjPwcU9ndGkNIp0pb7EcngBvpRQ7jdQqvr6BNIAFR%2FtqGr0rkKvauN0MCfRML9lsibcYyOV3BGg%2BVb1XEZqZ3JHGQ3CvEl9PV2Ql%2BHak3LFYyP611ukOEi243kVJJ6uvw6vjJVRwmuEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
83 B 62ms
62ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox_bl&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711934_a7078bcf6f734c4d3ea3a6266787fb875ac52549e9c653ab0a7a64fade5e0983&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A341907196%3Az%3A0%3Ai%3A20230313125214%3Aet%3A1678711934%3Ac%3A1%3Arn%3A559098957%3Arqn%3A11%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711933998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711934%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:14 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:14 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
74 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711934_a7078bcf6f734c4d3ea3a6266787fb875ac52549e9c653ab0a7a64fade5e0983&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A341907196%3Az%3A0%3Ai%3A20230313125214%3Aet%3A1678711935%3Ac%3A1%3Arn%3A709835230%3Arqn%3A12%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C451%2C451%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678711933998%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711935%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(3)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:14 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:14 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:14 GMT

GET
H3 200 blocked Show response
shavetape.cash/ Frame F385 115 KB
32 KB 33ms
32ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/blocked
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58565cc8dbd7ae313cb85d491c8e6fcf5f9178ae3a64fb5b31cd2b8cdb47ac36

Request headers

Referer: https://shavetape.cash/blocked
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7a7469baad342c46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 12:52:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3bMkqrHv2AbpCtkTVNfV0rk2KQbAvD5jvdbJPSL%2BazEWwwgjWI9HWOiCONGQoqpyGv%2FDlbjT4lcXXNxuig%2FGr41XJFMXqYo%2F1j2FJ3oM6QVMAurEurqp63QV8rpznUjS1rPmdBdjEs2eVNWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 jquery.min.js Show response
shavetape.cash/js/ Frame F385 86 KB
31 KB 18ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/js/jquery.min.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3426
etag: W/"5fd64104-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO%2BewrsFkia0qVCOBOOOBijEkdmKSbdJS2%2FOfsvLyKozjNarrGnMx56atbOoAgdnhsoBDK3Euo97Pa3MHCY7C6KslUREncnQc8ba6MaBtVM43zv3GSIPuvKNFw7FUd6CO4HtajCeSNt5yhX5kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
cf-ray: 7a7469baed952c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ad.js Show response
shavetape.cash/ Frame F385 20 B
541 B 16ms
15ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shavetape.cash/ad.js
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/blocked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:15 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Dec 2020 16:27:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1071
etag: "5fd64104-14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXGVYvp196GmMEfvvfNICN%2BznWgbJONMC%2FDa5pOeFqc96n8g4l3uWL9%2BaoO6dXLDTyySz%2BXE0DUoFQmHkR07qkFP98%2FEtnNssW%2FCWBVbU1jpuYMO6xSgSDh94RZDukPkJB9q%2F8ZRIuSR0%2FIeNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 7a7469baed962c46-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20

GET
H/1.1 200
OK 58191 Show response
aa.samaniclucked.com/gsV9RVRXE38D9/ Frame F385 0
0 41ms
14ms Script
text/html 172.255.6.212
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.samaniclucked.com/gsV9RVRXE38D9/58191
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.212 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 1 Show response
arsnivyr.com/ Frame F385 0
152 B 16ms
15ms Script
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://arsnivyr.com/1?z=4670225
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
pragma: no-cache
date: Mon, 13 Mar 2023 12:52:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame F385 211 KB
72 KB 104ms
104ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: shavetape.cash
URL: https://shavetape.cash/blocked

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 12:52:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Mon, 13 Mar 2023 13:52:15 GMT

GET
H3 200 fJKjbg7Qps Show response
zimpolo.com/sub/ Frame EF62 239 B
567 B 37ms
36ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zimpolo.com/sub/fJKjbg7Qps
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469bb2c0739da-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDZcfhuvWW1Aj%2FDDQW6X08br6WqAdGxrR8d%2FPG2C1UeYeMCAJhgOuGgcKCU8WN9wW5h%2BOyI63jlgVQEx6YivU0tGjlOfd%2B17l712T2wOhlDaGrZ44p0wczGxXpfc%2BjdqjYOZBlpW73W%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 XrhN0kTsdA Show response
a.adforcast.com/sub/ Frame 64F9 233 B
559 B 38ms
37ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.adforcast.com/sub/XrhN0kTsdA
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430

Request headers

Referer: https://shavetape.cash/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469bb2e479b82-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9qGsf0mH3gKmrvCcaD%2BtR5EIFGKOJa9F0nM79kqCMhcp9g5FE%2BhHmIoEnxB72oaeg2sDEOGeaysPTE%2FWFWkYntwbqpNps%2FCFZqoFRmwQ2SVieD7civ7LUEo%2Bls6n127wG7swUSZjbXbdS47QyY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1

200
OK

redirect Show response
xml.popmonetizer.net/ Frame EF62
Redirect Chain

https://zimpolo.com/load
https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183

0
165 B

220ms
220ms

Document
text/plain

174.137.133.18
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
Requested by: Host: shavetape.cash
URL: https://shavetape.cash/blocked
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.18 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://zimpolo.com
Referer: https://zimpolo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 13 Mar 2023 12:52:15 GMT
Pragma: no-cache
Server: nginx

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a7469bc7e2d39da-FRA
content-type: text/html; charset=utf-8
date: Mon, 13 Mar 2023 12:52:15 GMT
location: https://xml.popmonetizer.net/redirect?feed=493479&auth=ZR4GkP&pubid=155183
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSFDKCWCoLLsZQqduPyYUtxAmRi6WEQn93eHYK1frtqzuc0eRTStEkKXzTe07Yb1au2JRzv7mynP5CZVmshaVbMsxO8wpF5cm0qNNt0UGd%2FtjVHVFag5oxR7L2HeodUZtiYqzDxsVKuokA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 439 B
518 B 55ms
54ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?wmode=7&page-url=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A212%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A823390883803%3Ahid%3A685625378%3Az%3A0%3Ai%3A20230313125215%3Aet%3A1678711935%3Ac%3A1%3Arn%3A1067235779%3Arqn%3A13%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C32%2C15%2C121%2C0%2C%2C36%2C0%2C%2C%2C%2C206%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711935016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711935%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

50e001dc77cab1e1b656d3abde5c901b216b7a55b7adb8c12d2f93a9399169c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Mar-2023 12:52:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:15 GMT

GET

redirect
xml.acertb.com/ Frame 64F9
Redirect Chain

https://a.adforcast.com/load
https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

0
0

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
74 B 60ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox_bl&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711935_0c0386d8b83402303a6294a225a62bbe32a4f8809ae8830c414e65fe06502455&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A685625378%3Az%3A0%3Ai%3A20230313125215%3Aet%3A1678711935%3Ac%3A1%3Arn%3A528228514%3Arqn%3A14%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678711935016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711935%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:15 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:15 GMT

GET
H2 200 61426822 Show response
mc.yandex.com/watch/ Frame F385 43 B
74 B 54ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/61426822?page-url=goal%3A%2F%2Fshavetape.cash%2Fsbox&page-ref=https%3A%2F%2Fshavetape.cash%2Fblocked&charset=utf-8&hittoken=1678711935_0c0386d8b83402303a6294a225a62bbe32a4f8809ae8830c414e65fe06502455&browser-info=ar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A2%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A823390883803%3Ahid%3A685625378%3Az%3A0%3Ai%3A20230313125215%3Aet%3A1678711936%3Ac%3A1%3Arn%3A120474760%3Arqn%3A15%3Au%3A1678711931352215835%3Aw%3A980x490%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C687%2C687%2C0%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1678711935016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678711936%3At%3A&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(3)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shavetape.cash/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 12:52:15 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Mar-2023 12:52:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://shavetape.cash
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Mar-2023 12:52:15 GMT

GET blocked
shavetape.cash/ Frame F385 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.acertb.com
URL: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Domain: shavetape.cash
URL: https://shavetape.cash/blocked

Domain: xml.acertb.com
URL: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Domain: xml.acertb.com
URL: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Domain: xml.acertb.com
URL: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Domain: xml.acertb.com
URL: https://xml.acertb.com/redirect?feed=489656&auth=h8OGfp&pubid=158935

Domain: shavetape.cash
URL: https://shavetape.cash/blocked

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bleokerrie.com/	1970-01-20 10:19:58	Name: GL_UI4 Value: eJw9TVlugzAUhJilUQrqSBwgR8ARVMln1UP0E3l5EDdgR8YN6u1rVWrnZ0azaJIk2TU10kfBwL5Ej2PbndWousspgkR7HmXL%2B4uS3auQ%2FUkp7M06BCFnChmeJ7LkjRqU01ThJUZ%2Fzs26zWbIpRdWV8iX2JgrlNK7bSXfMGRWLITi%2Fepd5HwRn86Dcc6jNjbqtMXOrQ2r9yg%2FjNVxWB%2Bw421dFQkO91mE0fllMLpIkU9eaEL6hiclAk3Of6PUtN6CuwNu1sN%2F%2F%2FeXbbxFoelhVDx34Ur%2BB7aESuI%3D
bleokerrie.com/	1970-01-20 10:19:58	Name: GL_GI10 Value: eJxljNFqwkAQReOmxkpL2gt%2BQH6ggvqiz01aH%2FQbliVOZJDdWXZXafr1NQql0Kd7OTPnZlmmZiUUe5SL1Xq%2B2GzmQ6yWyI8kUHWD51bOLoVeO2MJk08K1rgeRaAji4PaNni6d93KgTCum7c%2F7GaNtxQj4aHl1AMfwbhTdw6pMrbaG3aYDoe7Prvq%2Fx9yjh6vtUmmNdZXO7ac6ICpo6Sjp6G%2BS%2FASTCKUv%2FQ2WeR45Kh9kK%2B%2BGOElsaVvcaSl6yKlKxpdCvUD11lQnQ%3D%3D
aa.samaniclucked.com/	1970-01-20 10:19:58	Name: GL_UI4 Value: eJw9TVlugzAUhJilUQrqSBwgR8ARVMln1UP0E3l5EDdgR8YN6u1rVWrnZ0azaJIk2TU10kfBwL5Ej2PbndWousspgkR7HmXL%2B4uS3auQ%2FUkp7M06BCFnChmeJ7LkjRqU01ThJUZ%2Fzs26zWbIpRdWV8iX2JgrlNK7bSXfMGRWLITi%2Fepd5HwRn86Dcc6jNjbqtMXOrQ2r9yg%2FjNVxWB%2Bw421dFQkO91mE0fllMLpIkU9eaEL6hiclAk3Of6PUtN6CuwNu1sN%2F%2F%2FeXbbxFoelhVDx34Ur%2BB7aESuI%3D
aa.samaniclucked.com/	1970-01-20 10:19:58	Name: GL_GI10 Value: eJxljNFqwkAQReOmxkpL2gt%2BQH6ggvqiz01aH%2FQbliVOZJDdWXZXafr1NQql0Kd7OTPnZlmmZiUUe5SL1Xq%2B2GzmQ6yWyI8kUHWD51bOLoVeO2MJk08K1rgeRaAji4PaNni6d93KgTCum7c%2F7GaNtxQj4aHl1AMfwbhTdw6pMrbaG3aYDoe7Prvq%2Fx9yjh6vtUmmNdZXO7ac6ICpo6Sjp6G%2BS%2FASTCKUv%2FQ2WeR45Kh9kK%2B%2BGOElsaVvcaSl6yKlKxpdCvUD11lQnQ%3D%3D
.shavetape.cash/	1970-01-20 19:04:07	Name: _ym_uid Value: 1678711931352215835
.shavetape.cash/	1970-01-20 19:04:07	Name: _ym_d Value: 1678711931
downfscr.xyz/	1970-01-20 11:44:55	Name: adcashufpv3 Value: 945941268188151700883130437
.shavetape.cash/	1970-01-20 10:19:43	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2050835181678711931
.yandex.com/	1970-01-20 19:54:31	Name: i Value: HAljwDT2uPdc87ktj2Sxb+C/qDkz8IESlr+SXkrY2ftjXRY/MmroRhUNeHJC9DY8OVVVgPKLSUb/2s4JElbQjsvLes0=
.yandex.com/	1970-01-20 19:54:31	Name: yandexuid Value: 9530555901678711931
.yandex.com/	1970-01-20 19:04:07	Name: yuidss Value: 9530555901678711931
.yandex.com/	1970-01-20 19:04:07	Name: ymex Value: 1710247931.yrts.1678711931#1710247931.yrtsi.1678711931

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://profitablegatetocontent.com/68/88/1d/68881dd8b72caf0194422455d0b10d44.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://a.adforcast.com/sub/XrhN0kTsdA(Line 2) Message: Mixed Content: The page at 'https://downfscr.xyz/' was loaded over HTTPS, but requested an insecure form action 'http://xml.expialidosius.com/redirect?feed=496482&auth=16jDmy&subid=&query=&url=https%3A%2F%2Fa.adforcast.com%2FMozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://a.adforcast.com/sub/XrhN0kTsdA(Line 2) Message: Mixed Content: The page at 'https://downfscr.xyz/' was loaded over HTTPS, but requested an insecure form action 'http://xml.expialidosius.com/redirect?feed=496482&auth=16jDmy&subid=&query=&url=https%3A%2F%2Fa.adforcast.com%2FMozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://a.adforcast.com/sub/XrhN0kTsdA(Line 2) Message: Mixed Content: The page at 'https://downfscr.xyz/' was loaded over HTTPS, but requested an insecure form action 'http://xml.expialidosius.com/redirect?feed=496482&auth=16jDmy&subid=&query=&url=https%3A%2F%2Fa.adforcast.com%2FMozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://lazypeacefullyutterly.com/a6/43/d8/a643d84dff3acdde43da1bbe7a14fd9b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://a.adforcast.com/sub/XrhN0kTsdA(Line 2) Message: Mixed Content: The page at 'https://downfscr.xyz/' was loaded over HTTPS, but requested an insecure form action 'http://xml.expialidosius.com/redirect?feed=496482&auth=16jDmy&subid=&query=&url=https%3A%2F%2Fa.adforcast.com%2FMozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://a.adforcast.com/sub/XrhN0kTsdA(Line 2) Message: Mixed Content: The page at 'https://downfscr.xyz/' was loaded over HTTPS, but requested an insecure form action 'http://xml.expialidosius.com/redirect?feed=496482&auth=16jDmy&subid=&query=&url=https%3A%2F%2Fa.adforcast.com%2FMozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F111.0.5563.64+Safari%2F537.36'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adforcast.com
aa.samaniclucked.com
adfstat.yandex.ru
arsnivyr.com
bleokerrie.com
discovernative.com
downfscr.xyz
fonts.gstatic.com
googleads.g.doubleclick.net
lazypeacefullyutterly.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
profitablegatetocontent.com
shavetape.cash
superonclick.com
thumb.tapecontent.net
ufpcdn.com
www.google.com
www.gstatic.com
xml.acertb.com
xml.popmonetizer.net
zimpolo.com
shavetape.cash
xml.acertb.com
130.211.31.231
139.45.197.242
172.255.6.212
173.233.137.44
174.137.133.18
192.243.59.13
23.109.87.203
2606:4700:3037::ac43:8e31
2606:4700:3037::ac43:bd78
2606:4700:3037::ac43:cd20
2606:4700:3038::6815:eb94
2a00:1450:4001:802::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a02:6b8::1:119
2a02:6b8::346
2a06:98c1:3120::3
2a06:98c1:3121::3
00c57c8b0121e3c2154bc0c181a5c01ad10550648cc4835a62dc887d5427c656
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
0398eaa88b89d56f770c9e4f966a90d1f82bbb5d189924221a06abc8f998bf5b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10055ac3c9d72bba0edcf7813858f543e085183da9a554fe1cded14a7dc1b00f
104450103ee1e572db5a3029dbeccf319e898e95c93ae652bc218c1a7d38806f
1b0a89316b4c4edfcaecd47b2cd0a992c29219a6bf57a9f6dcda37a3f037a02e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c43373995a8fb72a1b63b7864dc92d0cb911ff749af22a48cbf30b202c24a78
227c95a796b283a976209cb04843bf0fef1fde0555e1b82558da2d45696c1e79
25030a9d025c1e8c6d1bc7a95152b7265ef6eade6ed5d568b4631b828dc5e0db
35b07a9573a852abd2cf461bfc4644b1e77cd9c89b57f090ba8f8ac7f74d1c0b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ec6dbbed2b57cd87d18d357e6446b51fa5a34b410d99f09624bce2e6ea43a6
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4aae12a5357524d482c0087a5032bb8f42d6b60b238ac5a89a7bcb93779d6698
50e001dc77cab1e1b656d3abde5c901b216b7a55b7adb8c12d2f93a9399169c7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58565cc8dbd7ae313cb85d491c8e6fcf5f9178ae3a64fb5b31cd2b8cdb47ac36
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5d2ea1a0f53dfd5ffae5cf43b3d6fd75f1f3666ec64a4927a412c75cc62f0603
5e008e03e1be26d3c8a0291bb1d29f93bddeef133fefd946ed207245fc6e63ea
6495d9ddd2bd445b562f41aa96a50a7d4a51120925286ec72a73d83847520b36
67ad5ea660b529f464d865e2c8400d2af98139647f094556a004b5e1c9ca0436
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51
82d7820d757464633f0cfef9e92bf9bafd9eedd4197fe0d2070c752fc8436be5
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
8a709796e01e5a95222fc0b9b7eec897327e421a12311660d330a65bc818ee41
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9bbb9e51e4cfd6ff0dfcfce6c873224aac6f3cdf8d084e69f2f9a9e4badde548
a085a2d615369a0e582f00d45fdb0dfa425579658d726294686de24d7aa3bae6
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a76c10f89acc90bed79ad874524234e565b79a250c53abd0afc62221fb6603ac
c15903430626ae030ee8348a9bdc240de2ae4b98edb655e07f4a66091fd64430
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c47be0dbc8b8a0bd1ab27a7eb0f54af86ad21d8f0070dbceb0b36c47194dff54
c8ee788393557979384e776bccdcdfbb23a33791516151e87e74d25ce6563837
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d44ef14afa78a35daf3b5ee628e5d27f2487e8276e0ee5ff25cd9d7859dc5518
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

downfscr.xyz Open in urlscan Pro 2606:4700:3037::ac43:cd20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

92 %HTTPS

65 %IPv6

21 Domains

23 Subdomains

21 IPs

5 Countries

1573 kBTransfer

3883 kBSize

13 Cookies

2 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

downfscr.xyz Open in urlscan Pro
2606:4700:3037::ac43:cd20 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

92 %
HTTPS

65 %
IPv6

21
Domains

23
Subdomains

21
IPs

5
Countries

1573 kB
Transfer

3883 kB
Size

13
Cookies

99 HTTP transactions
0 data transactions