URL: http://flew.pw/
Submission: On August 05 via manual from US

Summary

This website contacted 12 IPs in 3 countries across 15 domains to perform 27 HTTP transactions. The main IP is 2606:4700:30::681b:9f11, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is flew.pw.
This is the only time flew.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 2606:4700:30:... | 13335 | (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
3 | 209.197.3.15 | 20446 | (HIGHWINDS3)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2606:4700::68... | 13335 | (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 2606:4700:30:... | 13335 | (CLOUDFLAR...)
1 | 2606:4700:30:... | 13335 | (CLOUDFLAR...)
1 | 130.211.31.231 | 15169 | (GOOGLE)
1 | 5.11.81.58 | 35415 | (WEBZILLA)
Total: 27 requests, 12 IPs
Requests | Domain | Requested by
7 | flew.pw | flew.pw
3 | maxcdn.bootstrapcdn.com | flew.pw
2 | superonclick.com | flew.pw
1 | chersoat.com | flew.pw, chersoat.com
1 | discovernative.com | flew.pw
1 | ufpcdn.com | superonclick.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | pagead2.googlesyndication.com | flew.pw
1 | cdnjs.cloudflare.com | flew.pw
1 | ajax.googleapis.com | flew.pw
1 | fonts.googleapis.com | flew.pw
0 | my.rtmark.net (Failed) | chersoat.com
0 | www.predictivdisplay.com (Failed) | flew.pw
0 | 4bb6jls06l.com (Failed) | flew.pw
0 | nativepu.sh (Failed) | flew.pw
Total: 27 requests, 16 subdomains

This site contains links to these domains.

Domain
discovernative.com
Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
(empty) | (empty) | 1970-01-01 - 1970-01-01 | a few seconds
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-02 - 2019-09-08 | 6 months
*.google.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
chersoat.com | Let's Encrypt Authority X3 | 2019-07-21 - 2019-10-19 | 3 months

This page contains 2 frames:

Primary Page: http://flew.pw/
Frame ID: FA8B606404DB4820549D79366404BF9D
Requests: 26 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 3230752A1BD7FA330763AE261DA07293
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

Requests: 27
HTTPS: 33 %
IPv6: 73 %
Domains: 15
Subdomains: 16
IPs: 12
Countries: 3
Transfer: 184 kB
Size: 682 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
flew.pw/
193 KB
37 KB
Document
General
Full URL
http://flew.pw/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
cc629f2ccf280f56164b6db7b312bd9635566f2c0ea3cc6c375d867406ac94f4

Request headers

Host
flew.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d152c44750d9070256d9493655e1a69811565036128; expires=Tue, 04-Aug-20 20:15:28 GMT; path=/; domain=.flew.pw; HttpOnly
X-Powered-By
PHP/5.6.40
Server
cloudflare
CF-RAY
501b717aeda963a1-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/
4 KB
621 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Asap:400,700,400italic,700italic
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
008ad0f80b2b29a7019547128e1da53f90ae5886a57ff4acad22f1b07e8d5479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 05 Aug 2019 20:15:28 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 05 Aug 2019 20:15:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Mon, 05 Aug 2019 20:15:28 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
status
200
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
5442
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/
120 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19879
mov.css
flew.pw/lib/css/
7 KB
2 KB
Stylesheet
General
Full URL
http://flew.pw/lib/css/mov.css
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccd2d25a8449c3673f66b11e68c320174b338832d69a51bb2cf7f1e803eea58

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 04 Dec 2017 04:47:58 GMT
Server
cloudflare
Age
1865
ETag
W/"5c00c6-1a87-55f7c6c1d5b80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717b5da6bf19-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
style.css
flew.pw/lib/css/
2 KB
1 KB
Stylesheet
General
Full URL
http://flew.pw/lib/css/style.css
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ea22e17c67c28bbdfd7edcc59edd97ff98c10a95d7c78bf8836d2672526bf9

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Dec 2018 05:53:42 GMT
Server
cloudflare
Age
1865
ETag
W/"5c00c9-75f-57d45850d2580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717b5d04637d-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 11 Jul 2019 13:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2185183
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
33507
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jul 2020 13:15:45 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
status
200
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9743
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/
14 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
9670067
status
200
served-in-seconds
0.039
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:23:06 GMT
server
cloudflare
etag
W/"5afd49fa-38fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
501b717b5be297a2-FRA
expires
Sat, 25 Jul 2020 20:15:28 GMT
css3-mediaqueries.js
flew.pw/js/
0
0
Script
General
Full URL
http://flew.pw/js/css3-mediaqueries.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717b6b6cc29f-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
ntfc.php
nativepu.sh/
0
0

invoke.js
4bb6jls06l.com/0b738a72e003d97f515717a9a8992cdd/
0
0

css3-mediaqueries.js
flew.pw/js/
0
0
Script
General
Full URL
http://flew.pw/js/css3-mediaqueries.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
0
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717bfd6cc29f-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
91 KB
34 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a2aa7c04a3f28e7ee260a3e311ccd9820872ad050de203c928f4936379592d75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
10948677265176206110
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
34254
X-XSS-Protection
0
Expires
Mon, 05 Aug 2019 20:15:28 GMT
display.php
www.predictivdisplay.com/a/
0
0

scripts.js
flew.pw/lib/js/
4 KB
2 KB
Script
General
Full URL
http://flew.pw/lib/js/scripts.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6eba3639e2c313fec3cb461021cbec781b6e64312c9ed05b8121f94319f8ca

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 08 Nov 2017 17:56:08 GMT
Server
cloudflare
Age
1864
ETag
W/"5c00d4-fb0-55d7c66f1be00"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717c5f3363a1-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
screenfull.min.js
flew.pw/lib/js/
2 KB
1 KB
Script
General
Full URL
http://flew.pw/lib/js/screenfull.min.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681b:9f11 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c5a938421bb895386687a7c1a82dbe33ad3319d1d633ca673296b93db4f0e8

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 08 Nov 2017 17:56:08 GMT
Server
cloudflare
Age
1864
ETag
W/"5c00d3-729-55d7c66f1be00"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
501b717c5eafc29f-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
integrator.js
adservice.google.de/adsid/
109 B
476 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=flew.pw
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
476 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=flew.pw
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 05 Aug 2019 20:15:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
native_render.js
superonclick.com/script/
4 KB
3 KB
Script
General
Full URL
http://superonclick.com/script/native_render.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681c:188d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7965b4334f08b3c398843d721ab3b5535461f4183ec6bb0923d1ae092b9cfd51

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
2426
X-GUploader-UploadID
AEnB2UoVbvZRBgkV3fMEzsf1TfsumZLCMODyPaiwpiv2oyaRiQZOmjupd16rtw6N_YKn8l5MSZZ-Hk7tcxn5yuevVl2lWVauuw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
Last-Modified
Wed, 13 Feb 2019 10:15:50 GMT
Server
cloudflare
ETag
W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
Vary
Accept-Encoding
x-goog-hash
crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-generation
1550052950916101
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
4285
CF-RAY
501b717cadacd6d5-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
native_server.js
superonclick.com/script/
9 KB
4 KB
Script
General
Full URL
http://superonclick.com/script/native_server.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
2606:4700:30::681c:188d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e282545f9f7c4117db91f8a2c33e5a1dad31f3c6edbe74b9776c1f8b85c166bd

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:28 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1351
X-GUploader-UploadID
AEnB2Uq4LPxnupOG504jVMpIq0RPhQUM-JUcAVORyhaYfXgyHnFlkXXOl4WlhPGVpb4yQXUSoouYMi2P8CQcKzsRr7l8ZAcNSA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Type
application/javascript
Last-Modified
Wed, 13 Feb 2019 10:15:52 GMT
Server
cloudflare
ETag
W/"51d87e9ebd831fccab6a016079a60793"
Vary
Accept-Encoding
x-goog-hash
crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-generation
1550052952705094
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
9260
CF-RAY
501b717cab0b275a-FRA
Expires
Tue, 06 Aug 2019 00:15:28 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame 3230
0
0
Document
General
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: superonclick.com
URL: http://superonclick.com/script/native_server.js
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3647 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://flew.pw/
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 05 Aug 2019 20:15:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=ddd28b8fa22dd2d966915478a14c892f21565036129; expires=Tue, 04-Aug-20 20:15:29 GMT; path=/; domain=.ufpcdn.com; HttpOnly
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
Server
cloudflare
CF-RAY
501b717e4c39c2ae-FRA
Content-Encoding
gzip
native.php
discovernative.com/script/
0
130 B
Script
General
Full URL
http://discovernative.com/script/native.php?nwpsv=1&r=2386011&cbrandom=0.4972922377770026&cbWidth=1600&cbHeight=1200&cbtitle=Construction%20Home%20Design%20and%20Decoration%20Ideas%20-%20Best%20Home%20Improvement%20and%20Build&cbref=&cbdescription=Construction%20Home%20Design%20and%20Decoration%20Ideas%20-%20Best%20Home%20Improvement%20and%20Build%20-%20Best%20Home%20Design%20Ideas%20%20%7C%20home%20renovations%20%7C%20house%20remodeling%20%7C%20house%20renovation%20%7C%20kitchen%20remodeling%20%7C%20home%20improvement%20contractor%20%7C%20home%20improvement%20contractors%20%7C%20home%20improvement&cbkeywords=Construction%20Home%20Design%20and%20Decoration%20Ideas%20-%20Best%20Home%20Improvement%20and%20Build%20-%20Best%20Home%20Design%20Ideas%20%20%7C%20home%20renovations%20%7C%20house%20remodeling%20%7C%20house%20renovation%20%7C%20kitchen%20remodeling%20%7C%20home%20improvement%20contractor%20%7C%20home%20improvement%20contractors%20%7C%20home%20improvement&cbiframe=0&&ufp=692710099940020007797083973&callback=jsonp241359
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
, ,
Server
130.211.31.231 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
231.31.211.130.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 05 Aug 2019 20:15:29 GMT
Via
1.1 google
Referrer-Policy
no-referrer
Server
openresty
three.min.js
chersoat.com/modules/three/7.26.52/
79 KB
25 KB
Script
General
Full URL
https://chersoat.com/modules/three/7.26.52/three.min.js
Requested by
Host: flew.pw
URL: http://flew.pw/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
5.11.81.58 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
f337973b95408ddafe081b3a3cc0e92066be5621ac4ad23d12298ad94be0a7d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://flew.pw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 05 Aug 2019 20:15:39 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
custom
chersoat.com/
0
0

gid.js
my.rtmark.net/
0
0

open-color.min.css
chersoat.com/modules/open-color/7.26.52/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nativepu.sh
URL
http://nativepu.sh/ntfc.php?p=2562737
Domain
4bb6jls06l.com
URL
http://4bb6jls06l.com/0b738a72e003d97f515717a9a8992cdd/invoke.js
Domain
www.predictivdisplay.com
URL
http://www.predictivdisplay.com/a/display.php?r=2386007
Domain
chersoat.com
URL
https://chersoat.com/custom
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js?pub=undefined&userId=bcdb7ba7b717d04246e0b7f27d1e37a9&zoneId=2562738&checkDuplicate=true
Domain
chersoat.com
URL
https://chersoat.com/modules/open-color/7.26.52/open-color.min.css

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| open_win
function| $
function| jQuery
object| jQuery1113046985552426061306
object| html5
object| Modernizr
function| yepnope
object| zfgformats
function| setImmediate
function| clearImmediate
function| _trgylocc
function| _vamlih
object| zoneNativeSett
object| urls
function| acPrefetch
object| nativeInit
object| nativeForPublishers
object| google_js_reporting_queue
object| google_ad_modifications
object| ggeac
boolean| google_measure_js_timing
object| googleToken
object| googleIMState
function| processGoogleToken
object| google_reactive_ads_global_state
object| adsbygoogle
object| _0x32b6
function| _0xda00
object| CTAHKA
function| ufpAttach
boolean| wait
function| native_request
object| _0x50db
function| _0x48ba
function| setupAd
object| CTABPuNative
string| zone
object| adcashUfp
function| jsonp241359
object| ntfcSDK
boolean| zfgloadedpush
boolean| zfgloadedpushopt
boolean| zfgloadedpushcode
object| onClickExcludes

0 Cookies

3 Console Messages

Source Level URL
Text
console-api warning URL: https://chersoat.com/modules/three/7.26.52/three.min.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://chersoat.com/modules/three/7.26.52/three.min.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://chersoat.com/modules/three/7.26.52/three.min.js(Line 2)
Message:
Error: TIMEOUT_ERROR

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
