urlscan.io logo urlscan.io
SecurityTrails logo

stfly.me Open in urlscan Pro
2606:4700:e0::ac40:6709  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.baixarseriesmp4.com/redirecionador/5d05749b48d84-405534
Effective URL: https://stfly.me/65mY
Submission: On December 02 via manual from AO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 22 domains to perform 72 HTTP transactions. The main IP is 2606:4700:e0::ac40:6709, located in United States and belongs to CLOUDFLARENET, US. The main domain is stfly.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2021. Valid for: a year.
This is the only time stfly.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.197.238 9002 (RETN-AS)
1 23.109.248.173 7979 (SERVERS-COM)
3 2a00:1450:400... 15169 (GOOGLE)
3 139.45.197.237 9002 (RETN-AS)
5 139.45.197.239 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.195.254 9002 (RETN-AS)
1 178.162.156.37 60781 (LEASEWEB-...)
4 142.250.184.226 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
72 25
1    2606:4700:3035::ac43:aaee (United States)

ASN13335 (CLOUDFLARENET, US)
url.baixarseriesmp4.com
1    2606:4700:3033::ac43:c369 (United States)

ASN13335 (CLOUDFLARENET, US)
shrtfly.com
7    2606:4700:e0::ac40:6709 (United States)

ASN13335 (CLOUDFLARENET, US)
stfly.me
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700:3037::6815:309a (United States)

ASN13335 (CLOUDFLARENET, US)
account.adstripe.net
2    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
omchanseyr.com
1    23.109.248.173 (Netherlands)

ASN7979 (SERVERS-COM, US)
sanggilregard.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
dozubatan.com
5    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
toglooman.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2606:4700:3033::ac43:b4cb (United States)

ASN13335 (CLOUDFLARENET, US)
tagcachestaticx.com
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2606:4700:3036::ac43:859c (United States)

ASN13335 (CLOUDFLARENET, US)
itsguider.com
2    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
tagcachedataxrt.com
1    178.162.156.37 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
perf.cdnads.com
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com
1    2600:9000:2156:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
7 www.google.com 1 redirects stfly.me
tpc.googlesyndication.com
7 stfly.me stfly.me
6 pagead2.googlesyndication.com tagcachestaticx.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 account.adstripe.net stfly.me
account.adstripe.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
itsguider.com
5 toglooman.com omchanseyr.com
toglooman.com
4 securepubads.g.doubleclick.net itsguider.com
securepubads.g.doubleclick.net
4 itsguider.com account.adstripe.net
itsguider.com
3 dozubatan.com omchanseyr.com
dozubatan.com
3 fonts.gstatic.com fonts.googleapis.com
2 tagcachedataxrt.com tagcachestaticx.com
2 my.rtmark.net omchanseyr.com
dozubatan.com
2 omchanseyr.com stfly.me
omchanseyr.com
2 fonts.googleapis.com stfly.me
securepubads.g.doubleclick.net
1 googleads.g.doubleclick.net itsguider.com
1 pixel.quantserve.com itsguider.com
1 rules.quantcount.com secure.quantserve.com
1 9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 secure.quantserve.com itsguider.com
1 perf.cdnads.com stfly.me
1 tagcachestaticx.com dozubatan.com
1 sanggilregard.com stfly.me
1 shrtfly.com 1 redirects
1 url.baixarseriesmp4.com 1 redirects
72 27

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-19 -
2022-05-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
omchanseyr.com
R3		 2021-11-04 -
2022-02-02		 3 months crt.sh
sanggilregard.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
dozubatan.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
toglooman.com
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-20 -
2022-11-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.itsguider.com
R3		 2021-10-14 -
2022-01-12		 3 months crt.sh
tagcachedataxrt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-09 -
2022-10-09		 a year crt.sh
cdnads.com
R3		 2021-11-18 -
2022-02-16		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://stfly.me/65mY
Frame ID: 293A1B5D1DF6A9B2E90A26BC7EB10BCF
Requests: 30 HTTP requests in this frame

Frame: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Frame ID: A4FE5EB44848B26D074DBD34E0FF8234
Requests: 5 HTTP requests in this frame

Frame: https://itsguider.com/336_2.php
Frame ID: DC9AE5B399D4356CD22CE02B5A654203
Requests: 15 HTTP requests in this frame

Frame: https://9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: AA67D76339B434BE2E1BE03665E3F7E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F954E7AEA30FEBDF5AFF9DE4DFC117A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2935D3632FEE73947FB59E00302AD675
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 41EB487D1F4999754DFF05C4B9CC4503
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://url.baixarseriesmp4.com/redirecionador/5d05749b48d84-405534 HTTP 302
    https://shrtfly.com/full/?api=d1182fca3f6c76d66be50a6c9d818bd301bc442f&url=aHR0cDovL3BhbmRhZmlsZ... HTTP 301
    https://stfly.me/65mY Page URL

Page Statistics

72
Requests

99 %
HTTPS

69 %
IPv6

22
Domains

27
Subdomains

25
IPs

4
Countries

823 kB
Transfer

2288 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.baixarseriesmp4.com/redirecionador/5d05749b48d84-405534 HTTP 302
    https://shrtfly.com/full/?api=d1182fca3f6c76d66be50a6c9d818bd301bc442f&url=aHR0cDovL3BhbmRhZmlsZXMuY29tL2ZvbGRlci8xMjY1Mi8x&type=2 HTTP 301
    https://stfly.me/65mY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 65mY
stfly.me/
Redirect Chain
  • https://url.baixarseriesmp4.com/redirecionador/5d05749b48d84-405534
  • https://shrtfly.com/full/?api=d1182fca3f6c76d66be50a6c9d818bd301bc442f&url=aHR0cDovL3BhbmRhZmlsZXMuY29tL2ZvbGRlci8xMjY1Mi8x&type=2
  • https://stfly.me/65mY
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4189cc678d09a03ea6b51e819b3a1724f6ae508d6e2105c8689294a6e1741f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njk%2BLj%2FwCGKdaDXNuP3T0pQfmkdmWSBS3EJwJ5B8yAcgkNClflRNfo8Ys19MsVXtCfrVT8eIU6gBxNrpl4SCGKVsVboNhDHLQnSw7%2F8OmhtWQxTSbIXx3KOUVvTCwSasiEI%2B%2B%2F7v0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b7395984d224e55-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex, nofollow
x-frame-options
SAMEORIGIN
location
https://stfly.me/65mY
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FOw0RPaixhjRA9J5FpID9MXODCIrc%2FJ%2FWdtueIXHisw7S7oJzt9h8gBlLS%2B6ar13fL7pzJhLB%2BooYiigsWEcdrgUsy71mVKWuOCPs1eWWdGq1xOWz3NZqjxdVptcckGJop0%2BN5dcMYEmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b7395955d373758-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 08:26:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 09:38:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 09:38:47 GMT
bootstrap.min.css
stfly.me/customfiles/ 		108 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stfly.me/customfiles/bootstrap.min.css
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
895
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Oct 2020 10:59:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1ae1b-5b0fe7d2f8000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CLMoyiSiKUNvMpzVsKKIedI7C9Jq70AOxiv%2FCOAkGDRpNZCVd3Ep3koxTmkDqcYRB%2FJUwPUofvOVow2MCazaaV9sUIcJ8hio6KD7VZrMFIavz8zHfRX71iXNDt%2BjG2jT2wFP2qnUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6b739599af854e55-FRA
expires
Sat, 01 Jan 2022 09:23:52 GMT
main.css
stfly.me/customfiles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stfly.me/customfiles/main.css
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
895
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Oct 2020 10:59:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"61d1-5b0fe7d2f8000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7Ef8eSfYsS7ki7qHoq2zAXHGrNf75DG6ZYK3OIElPUC4w4p54BvSaizR0JcTO%2BtqIKLNdbyiZ%2BUrysUNmPQQvkk88V0CKzejklAeKOQ6oS3dX83MabnyTmS9BdyxniFOlsGOrLAeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6b739599af864e55-FRA
expires
Sat, 01 Jan 2022 09:23:52 GMT
custom.css
stfly.me/customfiles/ 		47 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stfly.me/customfiles/custom.css
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
895
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Oct 2020 10:59:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bddd-5b0fe7d2f8000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvB2ENErjWIcW4tbaOJI%2Bg5IBY%2FduXfvFBuq8%2B0zYrX3MV8DHuxU4Z58LqLiFf4ECLRFIAQI3L4UCCHPo7toj7OWIF%2BhO3ea5HX1JsF7CxHOLV1sSLM7lV01C%2FajIrQxCrKitgosaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
6b739599af894e55-FRA
expires
Sat, 01 Jan 2022 09:23:52 GMT
invisible.js
stfly.me/cdn-cgi/challenge-platform/h/b/scripts/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stfly.me/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fda5ca885a30ce33aeb41a38c0ea1a2f36a2d95a0383714372eb7e94f80fcc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4efu4tswQvociZ9s%2BGrexCZNiPwco2m9n1i8a2BniPergkUhsQ5bxep7XIgJkxUzvdCXsu55KAw%2Bvh%2B5O2px5jeAF3F%2BxXk66YzL%2BQb3OU9iLTAN6biS18RZxJ1TP38C%2BJ48eWvPdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
6b739599af8a4e55-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
items.php
account.adstripe.net/display/ 		62 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.adstripe.net/display/items.php?21&1&336&280&1&0&0
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00bd5605abf09d06d847cc7f88dc99a887b6f6aa6c294d035e22b8f2b5543bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
no-cache
last-modified
Thu, 02 Dec 2021 09:38:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1K%2BWEyidyMZwODZiH%2BmPAJuB3DtqF9AsMKCovFtId8C2DTtLo0oFJEqOIEzgz%2F%2BbyAKunTXRjz3XeX4fOVZiNH1CgEukhWFuNZOS4Gq7QkOCvnpVezEIS2B%2F6LSFW33zlKHzWIUJ%2BRzsSbUyXDawws74iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6b739599d8f0d6c5-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
apu.php
omchanseyr.com/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://omchanseyr.com/apu.php?zoneid=3381289
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
894a363fb19275ab5c0fb16de199a2094a703f97d189ac6d00ec70cd9e357f06
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-max-age
86400
x-trace-id
a0e5263c8f17bec2014ae017f449f540
pragma
no-cache
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
expires
Tue, 11 Jan 1994 10:00:00 GMT
30732
sanggilregard.com/1clkn/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sanggilregard.com/1clkn/30732
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.248.173 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 09:38:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Keep-Alive
timeout=20
rocket-loader.min.js
stfly.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stfly.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 17:32:49 GMT
server
cloudflare
etag
W/"619bd441-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRs3w6KKQt7ad%2F23LQj2qVmr8FoptfJQ67KKZqQVdleM3yOis0niw6C%2Fxszp31AfyEZchGf4yWz524ClJfCk6mi40p%2FKxtigY6CbeWuOe5MZNcEavh0SSpiANMUlFhYk1iExtsboXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b739599af8b4e55-FRA
vary
Accept-Encoding
expires
Sat, 04 Dec 2021 09:38:47 GMT
modernizr.min.js
stfly.me/customfiles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stfly.me/customfiles/modernizr.min.js
Requested by
Host: stfly.me
URL: https://stfly.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6709 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/65mY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
893
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 06 Oct 2020 10:59:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f6-5b0fe7d2f8000-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvaZxXL13u2O6XQshyiUPK0m2UDrzz3vWn2J%2BNX83Sf70BQl3hWB2WuPYyeTrVNWaAZPylcp%2BZU6TPgGmwhJrkXMf3zA72%2FrkJl6IbkoW6Ny3IEV0dKTkl2tt2GRecgGA1algm3vkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6b739599eff14e55-FRA
expires
Sat, 01 Jan 2022 09:23:54 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stfly.me
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 15:57:38 GMT
x-content-type-options
nosniff
age
63670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 15:57:38 GMT
4495548
dozubatan.com/400/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/400/4495548
Requested by
Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4dcfc4e6b6c114d5b8974da86cc713ef6083f9c58a6b34f7aeb61b279b18f1f6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id
7d9b761cf6c76291adf5a2b8308a9eae
pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
toglooman.com/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/1?z=3968308
Requested by
Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9bf0fba8fef236800f22c422836fc23037c0b4370d2a28405cbab1f69314be04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
gzip
x-sc
gZmcGO3_ccEHAFaK43zpazdj6l5GODfJx3ES1m4aKvQSyW6j0Ll9Jz3eQwEBjujgYuYqK1NOn3z6GQycWk4OpZ1pXw8=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=bfe0628f714c43eeb5b452523c1a5f6a
Requested by
Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ec1bbcc430dc17f7ac3352cce9d392e6e7b64b28fda70ce63a0ae9c6ad9a27ea
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stfly.me
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
/
omchanseyr.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://omchanseyr.com/?rb=JXrzJmpS6NIj8ihp98m4PdSYu3paEcW_oarkkt7LB6_LDtdwr7aoVWBs1RK-smaOy0GAerRolGXoxOLidlHGiztSUPUMGV3IwAwNW5FOZMrpMmtbL_KNYe39776a5LaNNk1QIIocyejn7naGto5w8SY-WXpnTR_UZnvkXlJWRxJSpdNH_TKNqJNTUBkJqnxQLO3_DlggjUO3qrBCUUpJCrFEJ5tN5i93GKjr3PEDJtU7tBE12FYU2GrtpvvrJICxYimfqmaVQSstwlj2&zoneid=3381289&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fstfly.me%2F65mY&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=0ab2efaa-f0ed-4aa3-b23d-72a68d0193df&userId=bfe0628f714c43eeb5b452523c1a5f6a&m=link
Requested by
Host: omchanseyr.com
URL: https://omchanseyr.com/apu.php?zoneid=3381289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id
121c34026b0f26f2f3f68eb92ab1d08e
pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://stfly.me
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT
bbb07d681d5b5503eca0adbbc4bd0c9f
toglooman.com/27/ 		384 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/27/bbb07d681d5b5503eca0adbbc4bd0c9f
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=3968308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
307eefdc0600ba0495c999ff6fd97baa6e33a1d780414a4970cc5b760d523b01
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Nov 2021 07:33:35 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Tue, 16 Dec 2081 07:33:35 GMT
38
toglooman.com/42/ 		0
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/42/38?z=3968308
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=3968308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.php
account.adstripe.net/display/ Frame A4FE 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/items.php?21&1&336&280&1&0&0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8312a200c1f6370b480df9b8f548b65ea5f05cef0ae2b45ec591896ee76ff799

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H%2FVfj%2F41F1A%2B6lGEEkWbd0Xex2NmPXmOM2om%2BfhvXmNsTIDWRTB4y%2FrHwCzbqouAbpAjUv5WrDk8vKtTVkLb5FXiUwjWYQDxgdRg0ONVwtwQU4b0lOGRMUZqGtSUc9rzZWU0glxs1Gw42qEr1VrHZjYtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b73959b7b62d6c5-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
9
toglooman.com/ 		7 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=3968308&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstfly.me%2F65mY&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/bbb07d681d5b5503eca0adbbc4bd0c9f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer
https://stfly.me/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://stfly.me
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
expires
Mon, 26 Jul 1997 05:00:00 GMT
9
toglooman.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=3968308&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstfly.me%2F65mY&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://stfly.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 02 Dec 2021 09:38:48 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://stfly.me
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, max-age=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag.js
tagcachestaticx.com/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagcachestaticx.com/tag.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4495548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9554e80e9205a72958e651c671af8454206f962a3b73a8d1d1da08436020fc48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Nov 2021 19:04:24 GMT
server
cloudflare
age
5363
etag
W/"619fde38-c7ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLcrzQHH%2FvkmmbQ6MhKgQGgjBIkDKMNM8YU%2BrezGpQy7IowuAwLA0%2FaJlXh4UmAIju4rB%2BMTtlyElVovPYB2PbVt9r1pqRGGPE7WZbVu65gOh%2FrJcy9BHVstaQHOILGVJ6e0FtqLQfjwTLdRr2nLtxfK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b73959c5a45f91f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
3408380900890068055
vary
Accept-Encoding, Origin
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 02 Dec 2021 09:38:48 GMT
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Dec 2021 09:38:48 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Dec 2021 09:38:48 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Dec 2021 09:38:48 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Dec 2021 09:38:48 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Dec 2021 09:38:48 GMT
jquery.min.js
account.adstripe.net/display/js/ Frame A4FE 		243 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.adstripe.net/display/js/jquery.min.js
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Apr 2021 10:55:55 GMT
server
cloudflare
age
2848
etag
W/"3cd47-5c028f0d0e4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJOMDCODVGqQ3zWpc2%2BsISrvwBYaE%2BS54X0sJ5arNbC8T0aPNK0yhiuvHiyxnj57n4XoYVXo47KT7zZ2u9khrbCneodNE5LUBTR3YNDx79y00%2B1tzGUu3CazGHTCEDoNFqeKIeF5bNwbIpKg1aAR0931jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b73959d4fba374c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
data.png
account.adstripe.net/images/ Frame A4FE 		931 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.adstripe.net/images/data.png
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2848
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Sat, 17 Apr 2021 10:55:55 GMT
server
cloudflare
etag
"3a3-5c028f0d0e4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niqUD4iREFl9QOp2CPjwrgY5k0KBd5eqsqH0cuByWWAkoeJGBlSn5ibYWWNCUPEfIBBDuQRcmX6HFKU1OZtO5q%2FPSXxSQghALHG8cE4Pe8%2FDlbxjBSS%2BoAAeZWn3xe%2Bp9xA3YCJZtDqpxj0%2FekMYdMREoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6b73959d4fbc374c-MXP
1-icon-1635666360.png
account.adstripe.net/upload/credit/ Frame A4FE 		546 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.adstripe.net/upload/credit/1-icon-1635666360.png
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85821da273b7d5dc51f8c9ff01bb46fa3461f36aef2977a6c74aa66cc2bd503e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2847
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
546
last-modified
Sun, 31 Oct 2021 07:46:00 GMT
server
cloudflare
etag
"222-5cfa1406a0ef7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWNXldx871jEBAPb5kCUMbiThZf%2FQ5vA4Uw2keonTx6l3JdJaTrlxMSQd9ODClAUf2%2BJlLAhfi%2FFHt6Gy%2BHChJMZrYVRSKH%2BTaeZr3gpU2NFeOI91y2hUyxWOT4qHJECfa3%2B7jpSpMQjJFqrnY1WX6Q%2BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6b73959d7859374c-MXP
gid.js
my.rtmark.net/ 		65 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4495548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ec1bbcc430dc17f7ac3352cce9d392e6e7b64b28fda70ce63a0ae9c6ad9a27ea
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stfly.me
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
4495548
dozubatan.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4495548?excludes=&oaid=bfe0628f714c43eeb5b452523c1a5f6a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fstfly.me%2F65mY&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://stfly.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 02 Dec 2021 09:38:48 GMT
content-length
0
allow
GET, OPTIONS
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
https://stfly.me
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials
true
access-control-max-age
600
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
4495548
dozubatan.com/500/ 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/500/4495548?excludes=&oaid=bfe0628f714c43eeb5b452523c1a5f6a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fstfly.me%2F65mY&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: dozubatan.com
URL: https://dozubatan.com/400/4495548
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://stfly.me/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
e74b4f8c5c4b786ff9358bcc70262592
pragma
no-cache
date
Thu, 02 Dec 2021 09:38:48 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
https://stfly.me
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
336_2.php
itsguider.com/ Frame DC9A 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itsguider.com/336_2.php
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:859c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd1ae04d324a0fa8b9b01a6564bb6c6a36f5c3c5dad0c70a23b2572890ca209

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://account.adstripe.net/

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
display
orig_site_sol
expires
Wed, 01 Dec 2021 09:38:49 GMT
pagespeed
off
response
200
vary
Accept-Encoding Accept-Encoding,User-Agent
x-ezoic-cdn
Miss
x-middleton-display
orig_site_sol
x-middleton-response
200
x-origin-cache-control
max-age=0
x-sol
orig
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeoYUgr3g8rzfOqa5yfSHgyxkfDultxmmeOKj5Bjunz8FSw%2BnFV9EoWGm53kqKOLjokBn3KaUj2nsybYloaECQT1yifwbaEhfE1p9L5yfcYb8R67nLMWuXImh0AAfTYLmBj9u9G0eGP868UG"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b73959e79c10f5a-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
index.php
account.adstripe.net/track/ Frame A4FE 		131 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://account.adstripe.net/track/index.php?page=click/data/0|2|2|1|21|1|2|2|0|2|0.00055|0.00055|0|0/a65ba34bb466cf242b4b4fcdb24bf2e6/1638437938/DE/
Requested by
Host: account.adstripe.net
URL: https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:309a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df13b2bb492cfe24e54a5fbdda0b434e5071be93b12683ab32ddc4318bc44a63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account.adstripe.net/display/index.php?page=query/items/&aduid=21&pid=1&width=336&height=280&displaytype=1&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=945&page_data=255da390f7e99e62e8300cf398c0f848&time=1638437928&deliver=stfly.me&search_keywords=&page_referrer=aHR0cHM6Ly9zdGZseS5tZS82NW1Z&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqqpT5P2M0rjQikOfwvTjRvAbsVRiCLC75W70jYAn%2FiURiJZLdODKGCnEUhXj9F5FDEqlKhs%2FyVQU95xVM3OvKUNNmDAhuHxtpdnT1ITi4WSo08pOYU73QXCzi%2FPy7Rgw%2Ff1H2I3pMRpeo6KHt86Bfg9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6b73959e299d374c-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
add
tagcachedataxrt.com/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://stfly.me
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.19.10
Date
Thu, 02 Dec 2021 09:38:54 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://stfly.me
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials
true
add
tagcachedataxrt.com/log/ 		12 B
478 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tagcachedataxrt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by
Host: tagcachestaticx.com
URL: https://tagcachestaticx.com/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

Referer
https://stfly.me/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

Date
Thu, 02 Dec 2021 09:38:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://stfly.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
perf.gif
perf.cdnads.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.cdnads.com/perf.gif
Requested by
Host: stfly.me
URL: https://stfly.me/65mY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.156.37 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stfly.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 09:38:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Fri, 03 Dec 2021 09:38:49 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DC9A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
7111587ad6ef6489c8cab851f67da4cf52cab046badcb65c727e90b990ce7fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1060 / 266 of 1000 / last-modified: 1638400030"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26859
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Dec 2021 09:38:49 GMT
cmbv2.js
itsguider.com/detroitchicago/ Frame DC9A 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsguider.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx51&abt=RecordTimeViewed
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:859c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4ada2036c22124a2a1c05992805a0b49a414fe2ea46332063e640a38b7cf13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/336_2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3043147
cf-polished
origSize=68973
cf-ray
6b7395a0ef797037-FRA
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 28 Oct 2021 04:19:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOXHyPAxeXArfUumU4MR4qzjAAFxH%2BeI32wACrq%2B7G7hfRq1JLXn%2FcYZM692e2EH7uqszlieWe1yorUfcydh6jZv1BA36s2RE6eUdAkstO%2FjAx03YpqkjlOwfu%2F5qxiqYH6HWIPeYrVq7%2F6H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-bgj
minify
pubads_impl_2021111701.js
securepubads.g.doubleclick.net/gpt/ Frame DC9A 		345 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118578
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 02 Dec 2021 09:38:49 GMT
imp.gif
itsguider.com/detroitchicago/ Frame DC9A 		43 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://itsguider.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Berlin%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A297268%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A7%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22442c96c0-a03d-47d6-7550-ce38e7895d5e%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2210178%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A670%2C%22response_time_orig%22%3A272%2C%22serverid%22%3A%2218.157.164.228%3A20798%22%2C%22state%22%3A%22BE%22%2C%22t_epoch%22%3A1638437928%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fitsguider.com%2F336_2.php%22%2C%22user_id%22%3A0%2C%22word_count%22%3A0%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: itsguider.com
URL: https://itsguider.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx51&abt=RecordTimeViewed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:859c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/336_2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPoj5juWbedpzhlMWCLFydOWnUMtXawjOfFJeSyshx6JfvUh%2Ff6sSb8rSRRXj7T09tD5l4szuqH93K1OxGVrH55aULIwzdMS0Z7PoZ2E0sVUzKCRlOaI3g4h7DRggKwZlP3llj92TTZEI8d9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
6b7395a168f37037-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Wed, 01 Dec 2021 09:38:51 GMT
quant.js
secure.quantserve.com/ Frame DC9A 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: itsguider.com
URL: https://itsguider.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1a-2y1f-3y51-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1fx51&abt=RecordTimeViewed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 09 Dec 2021 09:38:49 GMT
cmbdv2.js
itsguider.com/detroitchicago/ Frame DC9A 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itsguider.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4&cmbcb=20&sj=x03x0cx18&abt=RecordTimeViewed
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:859c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1004554b6b3a087597d7509799d558a668a451419fc6aacaf87a365de5caab49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/336_2.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3851657
cf-polished
origSize=44604
cf-ray
6b7395a169037037-FRA
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 18 Oct 2021 19:44:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNgGafTrAV8UQCF5VVFoCjWKXTmMgh37Qtc%2BCb2mK8hYxtrgN8pmjQFswcOGtool3E7lMMDQc82x6RWS1jgMBrNyjB7EovDcasu3VSqlKLHUTseyxDZVPDnWy1Tus6KHDx4dNDEYHfKQiHP2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-bgj
minify
integrator.js
adservice.google.de/adsid/ Frame DC9A 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=itsguider.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DC9A 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsguider.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DC9A 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1082666052048796&correlator=4403740832745921&output=ldjh&impl=fifs&eid=31063842%2C31063246&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211202&iu_parts=360613911%2Citsguider.com_RedMas2021&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cdm=itsguider.com&bc=31&abxe=1&lmt=1638437929&dt=1638437929228&dlt=1638437929070&idt=137&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=336&ish=280&oid=2&adxs=0&adys=0&adks=1993164460&ucis=kfp77po9x747&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fitsguider.com%2F336_2.php&ref=https%3A%2F%2Faccount.adstripe.net%2F&top=https%3A%2F%2Faccount.adstripe.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=336x280&msz=336x280&ga_vid=1918898040.1638437929&ga_sid=1638437929&ga_hid=1348095256&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ae2ab6d3c5ae7ddc773d968a0732a431d82320b835a4bcc2c8d0c4250ac86416
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11158
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsguider.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AA67 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 02 Dec 2021 09:38:49 GMT
expires
Fri, 02 Dec 2022 09:38:49 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ Frame DC9A 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 04:37:58 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
age
18051
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
DnH2VkiviRSY4QpwfQcYYNti05rherNXRI_ZwHVOelfMklW6wcTqUw==
pixel;r=2116884473;labels=Domain.itsguider_com%2CDomainId.297268;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitsguider.com%2F336_2.php;ref=https%3A%2F%2Faccount.adstripe.net%2F;uht=2;fpan=1;fpa=P0-192...
pixel.quantserve.com/ Frame DC9A 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2116884473;labels=Domain.itsguider_com%2CDomainId.297268;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitsguider.com%2F336_2.php;ref=https%3A%2F%2Faccount.adstripe.net%2F;uht=2;fpan=1;fpa=P0-1921246143-1638437929273;pbc=;ns=1;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;d=itsguider.com;je=0;sr=1600x1200x24;dst=0;et=1638437929273;tzo=0;ogl=
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DC9A 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9b35d3bad95b58eeb08067674cfabce6a112de754e06c25ae4cd06d10d95ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8681
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DC9A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 02 Dec 2021 09:38:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F954 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 01 Dec 2021 18:00:34 GMT
expires
Thu, 01 Dec 2022 18:00:34 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
56295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2935 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9080fb2f9070168362908cb0d9fe8719eb75abff23c180d8a65fb0f00a9655f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9KRBjiAr6BbAlaB/UWEidw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 02 Dec 2021 09:38:49 GMT
date
Thu, 02 Dec 2021 09:38:49 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9KRBjiAr6BbAlaB/UWEidw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
pagead2.googlesyndication.com/bg/ Frame F954 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
1950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 09:06:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2935 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=1082666052048796&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F954 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3igLTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 09:38:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=1082666052048796&bg=!-Pul-7_NAAaQHwIOkB87ACkAdvg8WmQIiXwGnwpydek3Uv3AI6OnX4dFaGXKjxhDwVuIJC8QfTSKaQIAAABcUgAAAAVoAQcKAHNzAaZYqIxqA3DNTB6XwADkpEt4jFSUGZXTSFKu9IhB7toqerrXaprYCznNJtuh9h_fLgjAHqVtfy234jM3uC1u2yafKOfhNyUykg72uvgFFaJlKj-mgOt5yACROh7GyQF83FNgxZU1yZk7I6rlftaO_WBSmQLX7G-ERAYBE4Vf6eDYGTNd9nrhfnqNDGlKJES_sSrbZUylcNNNbTb_F0OSlucIg4WwzTYhFQgLIWH03cPsoL2XuqRn6PGMkj1OK4C0_S7T6zPKOCg1pEuhSVSVJWwbyXfiH__9UzzZS9tnvd19ddveuOtKooBZVGHBd_vfkMDNJ2g4Jw7EScNT6i5KSR-BS2Fs8vRGgBECTjZnu_POL5NjtNlHBORLNo0ycGPjfv9ypMBzJygL_NkK8FG4gKo972tu5epqwWgB5-o0jMqKqnLr9CMtYE4eUSsw6gunjR9pPzXt0eZdUJC8-hELI4NKBcOQvLUSEK3m0Avo_9nOovzHdr97XjXThIfnbDx-dk5sCpOd5bf7U4k8qtSUgZHgrceL_zlEeCD_MDuB2FMyvkLCL0ldVj7QJojYczPgsnHL_IhY9bIxFZXp4JABzC6fZUPDps-mV89faAclicu2d1YbW8JvsECsyodMENQ-jcGWk3xQVaOR2CMhms3pBihFDeCfz4z_hsJXAnW5Jmx-FbrZkN8ZHob0gyYR95xy4Nta7spgmrDiOHzl78-CYCsqjEke2oy1cYDwdDSpkPjkeUdfuHiR4GcCLOOw2FsATWOnclYETHeoPlN9cco8zUfuhJlZSFsEiekEyR2SwvkhD2takAXESD2YKhuE5cX_cy7-mOF7gAGUVItTmcQ0Nr6D8DpUV_Lc_fBB_dMi9idmYM40NYoGFZog2-ec5OXKIgJvv2iXXPcFnuEEw4OPfgtA8T7VofuGLtkfSz_laMru9X8gwwh3it7kNoJj34cM1i1WlKT1dotMIWj1vhzOVMBvMCTOPKFZGxv8HLSMTt-9HOrcsp1lK-EQiWINUBLyJud7jpyol37l5SmP8KF6IGFNRFapI1EL-YOJjDFOq2lfpBY_v5qUeupsixwu5c5m2TvwIs98V4ylwD1a_pmBBlHzbCY1WySna6druw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 41EB 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 30 Nov 2021 18:16:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Nov 2022 18:16:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 41EB 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141740
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 30 Nov 2021 18:16:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Nov 2022 18:16:29 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 41EB 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 30 Nov 2021 18:16:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Nov 2022 18:16:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 41EB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 30 Nov 2021 18:16:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Nov 2022 18:16:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 41EB 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
141736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 30 Nov 2021 18:16:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Nov 2022 18:16:33 GMT
css
fonts.googleapis.com/ Frame 41EB 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js?31063842
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 08:09:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 09:38:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 09:38:49 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 41EB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 01 Dec 2021 20:15:16 GMT
x-content-type-options
nosniff
server
cafe
age
48213
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 02 Dec 2021 20:15:16 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 41EB 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Dec 2021 05:43:34 GMT
x-content-type-options
nosniff
server
cafe
age
14115
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 03 Dec 2021 05:43:34 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 41EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVCpnKZSoYZKYEKy6lQeKlav4DNDLivFmqK_BnO8Lz9briI8aEAEgiLGRH2CV-vCBjAegAavVtLsCyAEB4AIAqAMByAMKqgTeAU_Q1OXzm5ioYh2Kn692kfb0PBh0U6DkgnHnHUxKSO21e7aCnarm88n3uM3yCSO7ghUvVdTQVtTYRmY7K9S1JDwUnZZ1z9XJWzqCwl6Krux4i-EreZogrPnvA3Dhfrp2XIxQASv3bMPaR0wQePS5GhdSm5YnmRpfQP3sEl766-kys5aW3nfNtJfgajE7hdUjQefidEltjYEFsOV8X8aq0yh3IOlXpb-WO2m-m55La8MVHehTXM4NbWF2GAkXWKrl-amJrAw56tJfL3HtrQ-sdMyT7DKc_TmCWpcSWEIz8sAEpYXZ7fEC4AQBkgUECAQYAZIFBAgFGASAB8W0k8kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQtbQ_0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi02MDUyMjQ4NTE4ODQ3NDQwgAoDyAsB2BMMiBQD0BUBgBcBshceChwIABIUcHViLTczNjM4MDkyMTkyNDQxMjIYv-If&sigh=AcF3x65B3wg&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
truncated
/ Frame 41EB 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ef85a6d57bf9dd9b23d0384147e22aea86a35c3aa43b59aa013aa7b86737a39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 41EB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://itsguider.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
168145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 41EB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://itsguider.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
135080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:29 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 41EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: itsguider.com
URL: https://itsguider.com/336_2.php
Protocol
H2
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date
Thu, 02 Dec 2021 09:38:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 41EB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT5ZZmpcY2c1YLPLhuY6vFcFIsCBve3zZYJx6AmYCQMN7izmwKNeROgtPvukGTnybunS_EWilYr10bqpRh6pb7hpFvc6j6XuUtWjVyztQ2KXq5xC3IsA&sai=AMfl-YSrJ4zIqbf-2sFJG8renZkKfmGM11HRbwvup-n-iuMvhcCOW7mv_aRGx-P8zb2q44oXUyU2cRBaOaDy&sig=Cg0ArKJSzIwvHN81IcfaEAE&id=ampim&o=0,281&d=336,280&ss=1600,1200&bs=336,280&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=64&tls=1065&g=100&h=100&tt=1065&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1993164460
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itsguider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 09:38:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| __cf_worker_run_after_load function| __cf_run_after_load object| __CF$cv$params object| __cfQR object| doz7yepna3j object| zfgformats function| onClickTrigger boolean| zfgloadedpopup boolean| zfgloadednative boolean| _retranberw number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id number| adSectionWidth object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit string| cpc_impression object| cpm_impression string| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src object| regeneratorRuntime function| _retranber string| dt5i3wv4zpc object| webpushlogs string| urlorigin object| responsedata string| cookie_content_value object| cookie_content_data number| ryq8olab9xp object| Modernizr boolean| __cfRLUnblockHandlers

21 Cookies

Domain/Path Name / Value
url.baixarseriesmp4.com/redirecionador Name: api_405534
Value: 2
toglooman.com/42 Name: OAID
Value: 8fa751b0867a4e909d38190c76acbd10
toglooman.com/42 Name: oaidts
Value: 1638437928
shrtfly.com/ Name: AppSession
Value: 3pmclp1emf02mjdmfu0lih8cnr
shrtfly.com/ Name: csrfToken
Value: eda61a1eceafd8a87947e149c303e88f8ac53afa62a9071e89057e5a239a95e0df09a22af752ee5aa874ff7399c44295d04e4b3b0c132fc0de281774fe58e503
omchanseyr.com/ Name: OAID
Value: bfe0628f714c43eeb5b452523c1a5f6a
omchanseyr.com/ Name: oaidts
Value: 1638437928
toglooman.com/ Name: scm
Value: 1
toglooman.com/ Name: OAID
Value: 8fa751b0867a4e909d38190c76acbd10
toglooman.com/ Name: oaidts
Value: 1638437928
my.rtmark.net/ Name: ID
Value: bfe0628f714c43eeb5b452523c1a5f6a
stfly.me/ Name: prefetchAd_3381289
Value: true
omchanseyr.com/ Name: syncedCookie
Value: true
sanggilregard.com/ Name: GL_UI4
Value: eJw9jUtugzAYhHnTKAV1JA6QIzgRUFhWPUSXyGCbuAH%2FkXGDevtaldrVfJqHJgiCqCoRPrIY8RdvcBpr1nWK1e2oet68MnXp21qpqWvFpemUwkFvg%2BPjIl2C51kaafU0TCRkgRcf%2FTk3Q7tJkI6WG1EgXX1jKZCPlvZN2ipGYvgqkb1fLXlNV%2F5JFlHfetTGY8gQ0VbF5QH5hzbC78ojojMriyzA8b5wp8iugxZZiHS2XEiEb3iauJMz2W%2FkQm43R3eAFjH8939v4%2F3MkAn50JP%2FJneV9gd3Ukq3
sanggilregard.com/ Name: GL_GI10
Value: eJxNy9sKgkAUhWEbyxQ7sKEH6AWSrOhwW0o39QyD6FYGcvYwTpE9fZoR3a31w2dZFptNgAkF4%2FCwCdbbIFzug1UIdoEELIphlNJdGl1zmZQIwzPqMpE1OBoLQRLYMQa%2F2zylDGEQxYu%2F9lH%2BJZHZ%2FIj6JiT0U2Ea%2F31e%2BzrptbKrtqgUuNfVZje%2FmAw8iYZXCrGZJ9KKdGIQJr%2F68Y4Nrqi40vSsnR5MjSjxRRI55XmFpkm9h8PertFGlQ%3D%3D
dozubatan.com/ Name: OAID
Value: bfe0628f714c43eeb5b452523c1a5f6a
stfly.me/ Name: _data_html
Value: 2-1
.itsguider.com/ Name: ezosuigeneris-0
Value: 5cc02ec7a1c289a94850269df197ad64
.quantserve.com/ Name: mc
Value: 61a89429-44b44-1a28b-6bae1
.doubleclick.net/ Name: IDE
Value: AHWqTUm9J2hExd0YvcE7xGe6CRF6ZrpmGfaDbqrcCUDb9rwzUUNvUeohvoBAdNL1UK8
.doubleclick.net/ Name: DSID
Value: NO_DATA

2 Console Messages

Source Level URL
Text
deprecation warning URL: https://tagcachestaticx.com/tag.js
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9c3a52f51bee96c61a5154d00338302f.safeframe.googlesyndication.com
account.adstripe.net
adservice.google.com
adservice.google.de
cdn.ampproject.org
dozubatan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
itsguider.com
my.rtmark.net
omchanseyr.com
pagead2.googlesyndication.com
perf.cdnads.com
pixel.quantserve.com
rules.quantcount.com
sanggilregard.com
secure.quantserve.com
securepubads.g.doubleclick.net
shrtfly.com
stfly.me
tagcachedataxrt.com
tagcachestaticx.com
toglooman.com
tpc.googlesyndication.com
url.baixarseriesmp4.com
www.google.com
139.45.195.254
139.45.195.8
139.45.197.237
139.45.197.238
139.45.197.239
142.250.184.226
178.162.156.37
23.109.248.173
2600:9000:2156:600:6:44e3:f8c0:93a1
2606:4700:3033::ac43:b4cb
2606:4700:3033::ac43:c369
2606:4700:3035::ac43:aaee
2606:4700:3036::ac43:859c
2606:4700:3037::6815:309a
2606:4700:e0::ac40:6709
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
0ef85a6d57bf9dd9b23d0384147e22aea86a35c3aa43b59aa013aa7b86737a39
1004554b6b3a087597d7509799d558a668a451419fc6aacaf87a365de5caab49
147b08aa6afaa0b704ebedb56d0b146a7e33600a971e5d20773b3371db70be11
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2fda5ca885a30ce33aeb41a38c0ea1a2f36a2d95a0383714372eb7e94f80fcc8
307eefdc0600ba0495c999ff6fd97baa6e33a1d780414a4970cc5b760d523b01
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4dcfc4e6b6c114d5b8974da86cc713ef6083f9c58a6b34f7aeb61b279b18f1f6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf
7111587ad6ef6489c8cab851f67da4cf52cab046badcb65c727e90b990ce7fe7
7fd1ae04d324a0fa8b9b01a6564bb6c6a36f5c3c5dad0c70a23b2572890ca209
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8312a200c1f6370b480df9b8f548b65ea5f05cef0ae2b45ec591896ee76ff799
83521aad7c96625246ef4168f1d84d12b0652e8eb61ad0875066fee1fa797daf
85821da273b7d5dc51f8c9ff01bb46fa3461f36aef2977a6c74aa66cc2bd503e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
894a363fb19275ab5c0fb16de199a2094a703f97d189ac6d00ec70cd9e357f06
89e38ae45e4ab6870530ad77bc793c32dcb03a600156b9930ffe3104f6702b25
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
9080fb2f9070168362908cb0d9fe8719eb75abff23c180d8a65fb0f00a9655f3
9554e80e9205a72958e651c671af8454206f962a3b73a8d1d1da08436020fc48
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9bf0fba8fef236800f22c422836fc23037c0b4370d2a28405cbab1f69314be04
9e4ada2036c22124a2a1c05992805a0b49a414fe2ea46332063e640a38b7cf13
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ae2ab6d3c5ae7ddc773d968a0732a431d82320b835a4bcc2c8d0c4250ac86416
b62d3ff7ec9f5543b6d6a2429170ed375b550d869b90d9886464143cd89b83ef
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c9b35d3bad95b58eeb08067674cfabce6a112de754e06c25ae4cd06d10d95ae7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df13b2bb492cfe24e54a5fbdda0b434e5071be93b12683ab32ddc4318bc44a63
df4189cc678d09a03ea6b51e819b3a1724f6ae508d6e2105c8689294a6e1741f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1bbcc430dc17f7ac3352cce9d392e6e7b64b28fda70ce63a0ae9c6ad9a27ea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00bd5605abf09d06d847cc7f88dc99a887b6f6aa6c294d035e22b8f2b5543bc
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7