urlscan.io logo urlscan.io
SecurityTrails logo

bitfly.io Open in urlscan Pro
2606:4700:3035::6815:159d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://l4s.cc/a/e/1f/aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA==
Effective URL: https://bitfly.io/CZX3QW
Submission: On June 01 via manual from PE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 5 countries across 23 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3035::6815:159d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bitfly.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 27th 2020. Valid for: a year.
This is the only time bitfly.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 13 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 139.45.197.248 9002 (RETN-AS)
5 139.45.197.15 9002 (RETN-AS)
6 142.250.185.130 15169 (GOOGLE)
1 51.75.167.52 16276 (OVH)
1 172.255.6.45 7979 (SERVERS-COM)
2 2606:4700:303... 13335 (CLOUDFLAR...)
9 139.45.196.195 9002 (RETN-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 139.45.195.8 9002 (RETN-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 139.45.197.188 9002 (RETN-AS)
2 139.45.197.238 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 94.130.218.84 24940 (HETZNER-AS)
3 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
90 31
1    2606:4700:3031::ac43:96cc (United States)

ASN13335 (CLOUDFLARENET, US)
l4s.cc
13    2606:4700:3035::6815:159d (United States)

ASN13335 (CLOUDFLARENET, US)
bitfly.io
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)
zunsoach.com
5    139.45.197.15 (United Kingdom)

ASN9002 (RETN-AS, GB)
in-page-push.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    51.75.167.52 (Asnieres-sur-Seine, France)

ASN16276 (OVH, FR)
PTR: ip52.ip-51-75-167.eu
snodlycaccias.com
1    172.255.6.45 (Netherlands)

ASN7979 (SERVERS-COM, US)
shockersheva.com
2    2606:4700:3035::6815:23c7 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.adshort.media
9    139.45.196.195 (United Kingdom)

ASN9002 (RETN-AS, GB)
shaidolt.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fce824c87fd89e93389d6ef1aaf112b0.safeframe.googlesyndication.com
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
2    139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)
forzubatr.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    94.130.218.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.84.218.130.94.clients.your-server.de
app.playstream.media
3    2600:9000:218f:a00:8:3ed5:e880:93a1 (United States)

ASN16509 (AMAZON-02, US)
acdn.flickstree.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
Domain Requested by
13 bitfly.io 1 redirects bitfly.io
9 shaidolt.com bitfly.io
shaidolt.com
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
6 securepubads.g.doubleclick.net bitfly.io
securepubads.g.doubleclick.net
5 in-page-push.com bitfly.io
in-page-push.com
4 static.cdnativepush.com in-page-push.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
4 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
4 www.recaptcha.net bitfly.io
www.gstatic.com
4 zunsoach.com bitfly.io
zunsoach.com
3 acdn.flickstree.com ads.adshort.media
3 app.playstream.media ads.adshort.media
imasdk.googleapis.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 imasdk.googleapis.com ads.adshort.media
imasdk.googleapis.com
2 forzubatr.com
2 my.rtmark.net zunsoach.com
in-page-push.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 adservice.google.nl securepubads.g.doubleclick.net
imasdk.googleapis.com
2 ads.adshort.media bitfly.io
ads.adshort.media
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 fce824c87fd89e93389d6ef1aaf112b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.googletagmanager.com bitfly.io
1 shockersheva.com bitfly.io
1 snodlycaccias.com bitfly.io
1 fonts.googleapis.com bitfly.io
1 l4s.cc 1 redirects
90 29

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
twitter.com
myaccount.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-27 -
2021-08-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
zunsoach.com
R3		 2021-04-20 -
2021-07-19		 3 months crt.sh
in-page-push.com
R3		 2021-05-22 -
2021-08-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
snodlycaccias.com
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
shockersheva.com
R3		 2021-05-19 -
2021-08-17		 3 months crt.sh
shaidolt.com
R3		 2021-05-22 -
2021-08-20		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
cdnativepush.com
R3		 2021-04-25 -
2021-07-24		 3 months crt.sh
forzubatr.com
R3		 2021-05-17 -
2021-08-15		 3 months crt.sh
*.playstream.media
AlphaSSL CA - SHA256 - G2		 2021-04-06 -
2022-05-08		 a year crt.sh
acdn.flickstree.com
Amazon		 2020-08-06 -
2021-09-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://bitfly.io/CZX3QW
Frame ID: D170DA07D9A39115BF763BAFF03D2591
Requests: 65 HTTP requests in this frame

Frame: https://zunsoach.com/fac.php
Frame ID: C506B8CC36AF8C9B38F8B42E7B59510A
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
Frame ID: 6C8CE155F270E798EA5E2B3E9A379A9E
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&cb=jz1qro7kekfe
Frame ID: 156BDA1C0459320C1521772EC62E5993
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DE4C38FB1FD57863695966162FA0F967
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63F8140AD28B14EE3C96B3CA2D2828A6
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Frame ID: 295C6DC21B7FE53D227639BFB339B4A2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.462.0_en.html
Frame ID: 1534158A23664BFB767568E028A3322F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6F3799AF7654D093E19BAAEC074D7250
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://l4s.cc/a/e/1f/aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA== HTTP 302
    https://bitfly.io/full?api=f6ef817392232a24378eac7674297509d5877e8a&url=aHR0cHM6Ly9maWxlY3J5cH... HTTP 301
    https://bitfly.io/CZX3QW Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

90
Requests

99 %
HTTPS

65 %
IPv6

23
Domains

29
Subdomains

31
IPs

5
Countries

2614 kB
Transfer

5114 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://l4s.cc/a/e/1f/aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA== HTTP 302
    https://bitfly.io/full?api=f6ef817392232a24378eac7674297509d5877e8a&url=aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA==&type=2 HTTP 301
    https://bitfly.io/CZX3QW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CZX3QW
bitfly.io/
Redirect Chain
  • https://l4s.cc/a/e/1f/aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA==
  • https://bitfly.io/full?api=f6ef817392232a24378eac7674297509d5877e8a&url=aHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyL0RCQjFBRTFEQzEuaHRtbA==&type=2
  • https://bitfly.io/CZX3QW
74 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.22RC1
Resource Hash
3ce2404bfb5852056fb9d5955708dd8205457612d094f0c0787293d14472ab3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bitfly.io
:scheme
https
:path
/CZX3QW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
PHP/7.3.22RC1
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex, nofollow
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a6b65cdfe0000d6b5be9cc000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=umyO4EgJO9PGSsrTzhIyL47m6zs3Gmimbu%2F7ifvwK4n0PXTbrqNCicXv6FNOdnzoaje%2B2cXsQzsMKo9siOHz4i3UqSmz0V6zdQcvscLziUbl0fc8T25SKNTgx%2Fvk4994jiGa"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658c0bf66da8d6b5-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 01 Jun 2021 22:58:26 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.3.22RC1
set-cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; path=/; HttpOnly csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-robots-tag
noindex, nofollow
location
https://bitfly.io/CZX3QW
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a6b65cd3000004a85cc9e6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=duL7R8DrYFnizTbLg8TbbdPpOwCWEOor9ji%2FqejDWd976bBLnR4XRham54qwcz2B23GH4ce1txQH02wkf7vB2BY05Vq1M9lFEUf4d%2FPU6xHwxZ%2BTabTiptxklH2wxqoP7%2F8p"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
658c0bf51ba74a85-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/ 		6 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 21:12:47 GMT
server
ESF
date
Tue, 01 Jun 2021 22:58:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Jun 2021 22:58:27 GMT
styles.min.css
bitfly.io/modern_theme/build/css/ 		187 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eaa9d6b2ef974d28c6a444faa1d4d5a4f734cb809cdae0ec4cdb3f10c9e9c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/css/styles.min.css?ver=6.4.0
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cef80000d6b5d4307000000001
last-modified
Sat, 05 Sep 2020 14:06:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ff408-2ed87-5ae917f14c62d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5QdspvXY5kP%2FxZdmOD%2BU2z%2Bcx8Whc%2FNL1xOTYrWZnfwHj1jmBqxVcXJHUSkiysYKIXdY%2FiQcCvWZt5rlDrppOuUhQmM0%2FPX8zIbq6AveDguwvW8AYCRWwwVU0JyRFcdoKvf9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf7ff9ed6b5-FRA
expires
Sun, 06 Jun 2021 14:07:24 GMT
logo.png
bitfly.io/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitfly.io/images/logo.png
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4756abd045e050f4ab3ead8aec9299b4cc4a15b08e6422642725372b9b2f03bb

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18964
cf-request-id
0a6b65cf370000d6b5ca145000000001
last-modified
Wed, 02 Sep 2020 01:06:11 GMT
server
cloudflare
etag
"5f4ef003-4a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mKLGcr2je8SPj6x44hAkGjbNp5n3YHelRmNccFQf4hT5EaLjdIGjkImnNdoLaYQYqjAd%2BgENGDPA2df54fuGzkWA7FFmJx3dmHYZJGazx3GdO07aRm%2FzHx%2BjiT5FgDgbmzai"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
658c0bf85801d6b5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
3782913
zunsoach.com/5/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/5/3782913
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e60fcce6d9b7d3773e5553d9c24094c555bddc5b0aef2f6e4d46dc6c326e53c

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
17cfedba5371b4c96b214342387fbb3d
pragma
no-cache, no-cache
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
nt.js
bitfly.io/js/ 		22 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/js/nt.js
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387ae00105a57442349d7b83bd0ad289ebf1f1c661acd3bdb789feb5662a39f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/nt.js
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cf150000d6b5d4308000000001
last-modified
Fri, 07 May 2021 14:05:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1009e6-59b9-5c1bdec7fc28f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vd97mfDWaSE9iTKx4XrnCd1M2zymDyNuR60e7hSZ1DpEdGA32U8sJouWtGAmPhVpRYHfKdTpMJ5FQ7GYobJKd9%2B5%2FwRbrtU9YJRxYpb1PwWiAVta6xPeVc5yylMapwxFHbBY"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf80fb8d6b5-FRA
expires
Sun, 06 Jun 2021 14:07:24 GMT
3588244
in-page-push.com/400/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/400/3588244
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fbca3164c2ab7bb24203a8a79278777279df50ce763ee96a69c2224a432368ed
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
13c30f3a4843b47fe6dd51f2d9d280c7
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
3ec613c52b9415b50d37cf22a29f89882700d595fe447ce49404c2a30d360eba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"890 / 743 of 1000 / last-modified: 1622585871"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21253
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:58:27 GMT
35918
snodlycaccias.com/tANIyTltcqf/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://snodlycaccias.com/tANIyTltcqf/35918
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
51.75.167.52 Asnieres-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS
ip52.ip-51-75-167.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
32944
shockersheva.com/gtfP0IRHVsKWSbw/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://shockersheva.com/gtfP0IRHVsKWSbw/32944
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.6.45 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
float_1011.js
ads.adshort.media/video/ 		551 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adshort.media/video/float_1011.js
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:23c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a308905cc0408f5b2e3cbc5b54c3311e68fb692a0c3292d901bc81bfa64d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
841323
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cf5000004ee6329be000000001
last-modified
Fri, 05 Mar 2021 10:10:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9NNrDJHciSBVUGs8X4bQVhw%2F8fxX2YyOmyZFmuS4SoVDL9iHVGHwEMInA2cjAURtnZlu%2FhhTKroDoJZ2vrr4nJOMhv1WHMW4KhHtdaQ2nYl00EW%2F5%2BPeQBhPPMVYRBatFyfT6JwEDakIuyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf87d684ee6-FRA
expires
Tue, 22 Jun 2021 05:16:24 GMT
ntfc.php
shaidolt.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/ntfc.php?p=3969452
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
44f150d3e34d3188792477a387c135ea33b6090aaa90aa6de073e6fb5041df70

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Jun 2021 22:58:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 May 2021 12:38:49 GMT
Server
nginx
ETag
W/"609291d9-380b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
ads.js
bitfly.io/js/ 		191 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/js/ads.js
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/ads.js
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cf360000d6b51a10e000000001
last-modified
Wed, 26 Aug 2020 22:35:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ff36b-bf-5adcf6ea579e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XKfUhS04l5iezR8588ilEyj0Ny4IeOGUrerxudm9meoV28iZWCVASUAyCZq1nANFs6fCJAUZSoILY3pC8%2FFDVABIMgL3etm3fhS6p9zyUvmTvCCmg%2F3fFFw3orR96jHdmeC9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf85ffed6b5-FRA
expires
Sun, 06 Jun 2021 14:07:25 GMT
script.min.js
bitfly.io/modern_theme/build/js/ 		202 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/modern_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/js/script.min.js?ver=6.4.0
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cf370000d6b5069c3000000001
last-modified
Wed, 26 Aug 2020 22:37:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ff42f-32956-5adcf7627d2fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VKTBKWGLeFczynzcAZl7rWbl0uwMvAnpd1PCgadI%2BvNRSfxZizeQtZgxHy1aRcF6W8bArOp0MKQHQ98odb5Y6t3LBOsw4dfbuUnzhoEsnKY6n2skhZCDYb%2BWF6AlE5IEyYqA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf85fffd6b5-FRA
expires
Sun, 06 Jun 2021 14:07:25 GMT
api.js
www.recaptcha.net/recaptcha/ 		921 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4590e346e3a642255d0d9bec80ed8f9adf89f9f6e9a2fc514d8df9a6ec7090f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Tue, 01 Jun 2021 22:58:27 GMT
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-178495285-1
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d450ef5575c1266542dc9c9831d3d338ee4fe3d5db95a93b64fcc4b9d665ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35939
x-xss-protection
0
last-modified
Tue, 01 Jun 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Jun 2021 22:58:27 GMT
header.jpg
bitfly.io/modern_theme/build/img/ 		370 KB
371 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitfly.io/modern_theme/build/img/header.jpg
Requested by
Host: bitfly.io
URL: https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482186b8a6ac0b84f41dac5f2f82376cda86b09132665824f76cd32d4dc65495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/img/header.jpg
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bitfly.io
referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
379294
cf-request-id
0a6b65cf380000d6b5e6047000000001
last-modified
Fri, 04 Sep 2020 15:33:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"10098f-5c99e-5ae7e9898a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WlkVZiD%2FBIDe1PLHkfHdpB6nQZnEJkyB3Zwozz4HlmKjSU2CnCTSf1lj%2FuqmqgDcC%2FyH59HbMLd6Tqipk46fpaNgP7AjCX9Uazazyjvy0%2FJm%2FeFS5sgO8keMYgOIXfO8A7h2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
658c0bf85803d6b5-FRA
expires
Sat, 07 May 2022 14:07:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bitfly.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:33:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
15901
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:33:26 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bitfly.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 07:07:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
age
57032
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
expires
Wed, 01 Jun 2022 07:07:55 GMT
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ 		311 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:58:27 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=bitfly.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bitfly.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		444 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3262533518892404&correlator=1719406501091998&output=ldjh&impl=fifs&eid=31061142%2C21065724&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210601&iu_parts=360613911%2Cbtflyresphor&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C728x90%7C300x50%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1622588307&dt=1622588307376&dlt=1622588307190&idt=171&frm=20&biw=1600&bih=1200&oid=3&adxs=313&adys=173&adks=78075499&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbitfly.io%2FCZX3QW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=975x34&msz=975x0&ga_vid=1960804604.1622588307&ga_sid=1622588307&ga_hid=1399321321&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
54fe6b487193b650bfbd58c2353a27f947d7308be30f652205ac7c7f92c7e19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fce824c87fd89e93389d6ef1aaf112b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://fce824c87fd89e93389d6ef1aaf112b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		439 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3262533518892404&correlator=1719406501091998&output=ldjh&impl=fifs&eid=31061142%2C21065724&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210601&iu_parts=360613911%2Cbitfly&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622588307&dt=1622588307382&dlt=1622588307190&idt=171&frm=20&biw=1600&bih=1200&oid=3&adxs=632&adys=207&adks=3155211297&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbitfly.io%2FCZX3QW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x280&msz=336x-1&ga_vid=1960804604.1622588307&ga_sid=1622588307&ga_hid=1399321321&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a9deecd3d687dde6711ba915d5f9f3a8434dabf48223c59753e5616580b71bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3262533518892404&correlator=1719406501091998&output=ldjh&impl=fifs&eid=31061142%2C21065724&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210601&iu_parts=360613911%2Cbitflyrespsq&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C200x200%7C300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622588307&dt=1622588307388&dlt=1622588307190&idt=171&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=522&adks=3003422380&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbitfly.io%2FCZX3QW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x334&msz=945x0&ga_vid=1960804604.1622588307&ga_sid=1622588307&ga_hid=1399321321&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3e2f16072b81a8a803fedb546306f30535627be74b9868d22c3c03cda2378a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3262533518892404&correlator=1719406501091998&output=ldjh&impl=fifs&eid=31061142%2C21065724&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210601&iu_parts=360613911%2Cbitflyrespsq&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C200x200%7C300x250%7C336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1622588307&dt=1622588307390&dlt=1622588307190&idt=171&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=576&adks=3003422383&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbitfly.io%2FCZX3QW&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x516&msz=945x0&ga_vid=1960804604.1622588307&ga_sid=1622588307&ga_hid=1399321321&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2b8e1701d64be0e5636bbf8c64a051cbb0e566ddfeb764e09e6ff41c3019b24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
floatern.js
ads.adshort.media/video/ 		259 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adshort.media/video/floatern.js
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/float_1011.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:23c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f560daca1101514999b3b7fd3c5f87507e52d301abd49925f0208e21a2e43964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
956034
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cfc800004dd006834000000001
last-modified
Wed, 20 Jan 2021 16:29:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m9XkyJPWbv%2BIARyA40gM8M5JrVH5PTgRii3NMbs6%2FfmjpR9QiZov1OQtelM8XFlyN%2B6liTqFxAr6T6nTyppEFYieTSMSvJ0dK1j%2Fdxcb32q%2FJQZt6i9qXbpkGvpri8bbv959l8WdGDYPcpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
cf-ray
658c0bf93da94dd0-FRA
expires
Sun, 20 Jun 2021 21:24:33 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bitfly.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:36:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
15739
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:36:08 GMT
footer.jpg
bitfly.io/modern_theme/build/img/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitfly.io/modern_theme/build/img/footer.jpg
Requested by
Host: bitfly.io
URL: https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517ea8293ed64288ce39c63c19b9d3bc425e119b860b2c2637193360cb62c997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/modern_theme/build/img/footer.jpg
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bitfly.io
referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191844
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
287464
cf-request-id
0a6b65cfda0000d6b5a0833000000001
last-modified
Fri, 04 Sep 2020 16:30:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"100974-462e8-5ae7f63e68414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lrztx5iPNjl9FU0eJbS4RZJszSCMMyZ0fZ8D3YR12Qrk6m2pg4KrTuHDaCS9NZq6eFnSfVfcx7NfBgd4nRDG9M3PO7vnoF9KEIvraWNBJpWfqs5Sc9fWf27PlP4NOkvf1oP7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-xss-protection
1; mode=block
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
658c0bf9590ed6b5-FRA
expires
Sat, 07 May 2022 14:07:28 GMT
fontawesome-webfont.woff2
bitfly.io/modern_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/modern_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: bitfly.io
URL: https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://bitfly.io
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
:path
/modern_theme/build/fonts/fontawesome-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
bitfly.io
referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bitfly.io
Referer
https://bitfly.io/modern_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4126
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65cfda0000d6b5ac9d0000000001
last-modified
Wed, 26 Aug 2020 22:36:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"ff40d-12d68-5adcf7515a77d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CGSIldPGdFDr2dIVFg3EN7MxLh6dalMw0bK%2BQ28JETJ%2BwSy2RuJtf6WXBOc38Un%2Bgb%2BzTsiuXoQvYmGc9fvkywlgt1bgSDcCEKS0wsjF%2BgOANmDJ8tKDG4sAyNFvZAzI03JE"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
x-xss-protection
1; mode=block
cache-control
max-age=14400
cf-ray
658c0bf95911d6b5-FRA
zone
shaidolt.com/ 		732 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/zone?pub=0&zone_id=3969452&is_mobile=false&domain=bitfly.io&var=&ymid=&var_3=
Requested by
Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3969452
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f4807ed83c91f686e0676acd644e72feb809a57993aa6b4fc1e12dc6906e0576
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id
2568cdcc3b69802df1dbf7538916b993
Date
Tue, 01 Jun 2021 22:58:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
732
universal.min.js
shaidolt.com/pfe/current/ 		107 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/pfe/current/universal.min.js?v=3.1.293
Requested by
Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3969452
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
308c11f11c4190742d17016b1f498aaccb8807540eab270142a382d4787064c8

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Jun 2021 22:58:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 May 2021 12:38:49 GMT
Server
nginx
ETag
W/"609291d9-1ab55"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://bitfly.io
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ 		342 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bitfly.io
Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26017
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 15:44:50 GMT
fac.php
zunsoach.com/ Frame C506 		203 B
647 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/fac.php
Requested by
Host: zunsoach.com
URL: https://zunsoach.com/5/3782913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
495aea9781ff09d6ed537dd8eb1bc2fcdc191503ab3df67bed3258f238d78542
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
zunsoach.com
:scheme
https
:path
/fac.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OAID=d1d0156fd3c84787b2076e239fa34735; oaidts=1622588307
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

server
nginx
date
Tue, 01 Jun 2021 22:58:27 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
cce79d21284d87bd6f532cd46d9c3217
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178495285-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6424
date
Tue, 01 Jun 2021 21:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 01 Jun 2021 23:11:23 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1399321321&t=pageview&_s=1&dl=https%3A%2F%2Fbitfly.io%2FCZX3QW&ul=en-us&de=UTF-8&dt=Bitfly.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=859888891&gjid=664976433&cid=1960804604.1622588307&tid=UA-178495285-1&_gid=117018614.1622588308&_r=1&gtm=2ou5q1&z=1272357920
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 6C8C 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a3321e8c72b74df4b388a8e90b5c6cbb6ccf2de74de6d2122d2e89543003ac3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NoH4cPH/stcVL0c+zuuA2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Jun 2021 22:58:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-NoH4cPH/stcVL0c+zuuA2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20243
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
img.gif
my.rtmark.net/ Frame C506 		43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=d1d0156fd3c84787b2076e239fa34735
Requested by
Host: zunsoach.com
URL: https://zunsoach.com/fac.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://zunsoach.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
custom
shaidolt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Protocol
HTTP/1.1
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 01 Jun 2021 22:58:26 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
shaidolt.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
b68acdd52c996a342bd95934d97b5e5a
Date
Tue, 01 Jun 2021 22:58:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw_3969454.js
bitfly.io/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bitfly.io/sw_3969454.js
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1246dbb130064584d246652a90f7fae8832c41e1d476b8bf158dbac44bf12b90

Request headers

:path
/sw_3969454.js
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc; ab=2; __PPU_CHECK=1; __PPU_BACKCLCK_3782913=true; _ga=GA1.2.1960804604.1622588307; _gid=GA1.2.117018614.1622588308; _gat_gtag_UA_178495285_1=1; __gads=ID=9575d4075fc8b942-22cc3c7050c8007f:T=1622588307:S=ALNI_MYP_q42vuHE55i12KVZxoi_3Ul-sQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191836
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a6b65d08d0000d6b5ae269000000001
last-modified
Wed, 24 Feb 2021 16:13:55 GMT
server
cloudflare
etag
W/"60367b43-aaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F4c7Gz6r5zVGlWYVmDqIwotN%2FasRdoeFNY%2B08TiRF2csa3mxsMYDzm8JSm1XTaBLQH8JqUkWIBUr639oCLgfBCf3LNcrLtfmAGai4u3hSzebeB9Z79c6BqYV3gVj%2FewLnQt9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
658c0bfa7a59d6b5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom
shaidolt.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
07caf3f5471dd8bc2bbc0ab1ce577de6
Date
Tue, 01 Jun 2021 22:58:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
shaidolt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Protocol
HTTP/1.1
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 01 Jun 2021 22:58:26 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 6C8C 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
age
19804
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:28:23 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 6C8C 		342 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26017
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 15:44:50 GMT
truncated
/ Frame 6C8C 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6C8C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6C8C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:46:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
25932
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 08 Jun 2021 15:46:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6C8C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.recaptcha.net
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:38:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
1185
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:38:42 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 6C8C 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6eff65f2a8eb488e25dbca7a506949b599a8f05b522ee54edab296459f8efbcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&co=aHR0cHM6Ly9iaXRmbHkuaW86NDQz&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=normal&cb=m417s1qv9kmv
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 01 Jun 2021 22:58:27 GMT
gid.js
my.rtmark.net/ 		65 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3588244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
eedc9ababed50cc5dd5b24fed33dd3f996f8a687c39b5d7468622e67d059de70
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bitfly.io
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
options
zunsoach.com/ 		0
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/options?option_args=CIHy5gESIGQxZDAxNTZmZDNjODQ3ODdiMjA3NmUyMzlmYTM0NzM1GipodHRwOi8venVuc29hY2guY29tL2FwdS5waHA_em9uZWlkPTM3ODI5MTMiEmh0dHBzOi8vYml0Zmx5LmlvLzIkNjcyYWVmYjYtODQ2Zi00ZDU2LWIyNGItMTMxY2QwZGM0ZDUx
Requested by
Host: zunsoach.com
URL: https://zunsoach.com/5/3782913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-trace-id
adfb69192344bb442f6fbae4c43e4a78
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:27 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf8
access-control-allow-origin
https://bitfly.io
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
content-length
0
expires
Tue, 11 Jan 1994 10:00:00 GMT
options
zunsoach.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://zunsoach.com/options?option_args=CIHy5gESIGQxZDAxNTZmZDNjODQ3ODdiMjA3NmUyMzlmYTM0NzM1GipodHRwOi8venVuc29hY2guY29tL2FwdS5waHA_em9uZWlkPTM3ODI5MTMiEmh0dHBzOi8vYml0Zmx5LmlvLzIkNjcyYWVmYjYtODQ2Zi00ZDU2LWIyNGItMTMxY2QwZGM0ZDUx
Protocol
H2
Server
139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 01 Jun 2021 22:58:27 GMT
access-control-allow-origin
https://bitfly.io
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
custom
shaidolt.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Protocol
HTTP/1.1
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 01 Jun 2021 22:58:26 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04b3d68d47e72bbb22e605a02a392a02feb7ca314e1d8914a257f68caf421259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7726
x-xss-protection
0
custom
shaidolt.com/ 		39 B
484 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shaidolt.com/custom
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
0404acbe8e5acddb59b4e67840f504ef
Date
Tue, 01 Jun 2021 22:58:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://bitfly.io
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:58:27 GMT
3588244
in-page-push.com/500/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3588244?excludes=&oaid=d1d0156fd3c84787b2076e239fa34735&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3588244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5211fb2ecf9406fc2fb2211edff7cd907c7b93119b819f98adeabea60498f1cc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0a8f06f389329e5d4d46fab36bad7d34
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://bitfly.io
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
3588244
in-page-push.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3588244?excludes=&oaid=d1d0156fd3c84787b2076e239fa34735&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 01 Jun 2021 22:58:20 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://bitfly.io
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
bframe
www.recaptcha.net/recaptcha/api2/ Frame 156B 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&cb=jz1qro7kekfe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e6780931b0022c8ca4fb9acde07f6f29df1750683213c47f03827c07afe7223
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2D043hOSKoLZ2yHDjJ4pRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&cb=jz1qro7kekfe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 01 Jun 2021 22:58:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-2D043hOSKoLZ2yHDjJ4pRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1115
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DE4C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 01 Jun 2021 21:32:14 GMT
expires
Wed, 01 Jun 2022 21:32:14 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5173
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 63F8 		783 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6212ac317089e04c16dff348a910633e01008c0502c1860a22e6c557fd3fc9e4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VLydrOOQHtvmZWXVOviD/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

expires
Tue, 01 Jun 2021 22:58:27 GMT
date
Tue, 01 Jun 2021 22:58:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-VLydrOOQHtvmZWXVOviD/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 156B 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&cb=jz1qro7kekfe
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
age
19804
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:28:23 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 156B 		342 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Le9z8MZAAAAAIOiSMn0Im1pyPvw_Pn61NXVWfnK&cb=jz1qro7kekfe
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26017
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 15:44:50 GMT
HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
pagead2.googlesyndication.com/bg/ Frame DE4C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
age
44520
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
expires
Wed, 01 Jun 2022 10:36:27 GMT
0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 22:58:28 GMT
Last-Modified
Thu, 08 Apr 2021 14:22:06 GMT
Server
nginx
ETag
"606f118e-932"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
2354
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3262533518892404&bg=!uLulu__NAAaMan2LjGo7ACkAdvg8Whpex9_Zh8-NkDwAVR7m5jtMfsI9JAihh1J8L8SnzmqDp27NyAIAAAB7UgAAAAtoAQcKAIZyzVFY7LNwwkM1EJqn46x889f4yF8uIpVlBGWxvRnpXfqVQRdBuKY1GRwHC2PfRF-bBQg1MhGoA6U625MK-YUoGRCMD5XOTXg1v9pbqe6dypNNxL_2kW6Tn-kGmd-V3fcu9WVGvmSwaqRI5oA1oJJLgbGtCxWZfJJoZV-nhjuNBqVO4iTUiJkCTG34Rs4VDiNyIx2uHpy4Ij_jtJmhaX0G9-fvoX4f_rda9JW1AYgeWI_4dVPgaqeGEXezVhecxkhnflUDXdpG9ADQ0gdUgiw_T_HOFHTroF1deP2qCTJ6R-u4n795v83PXvfICXRpD4XTZrw_FtDOqpLwPodtmYH9a8ntg4A1oI-BaTfuwYaviGQrSmAptt9IQDS0AmYPQf3rSUXaueSFmEkcR9RfnLTeyJAYVd6lv8sAJ3eErEY2LIKxBqt_6R6jSqlK6_1W4lC9Ym4vtZo1WFX-tAu8eCaWYVWTzRahDwBplbBngcutkeieuLqmNO232VNd4QITFGeggEF5yRGPZm3di-16lfZpysVTGpEuN_o_pAHAgYgrdyT-wpfbaUuUTEWh6KcvRe_G8duEJkEaIxaz0cQDrlqlTxUG5OBWO_VcA76T2RrZJ--awYXktnI9dUm45xztycsNqDTeBnYTUR3h6MBLS_ye7EfAbQwsmlPu_0_AT30RaUoXb_z6WvMMNcfjOBcOvwKFMHjf76RrfdLLrVSsLuHxbeFAkXWDICSDbndsbhbBgAj73TPgoEJ2jNn3mcVdaVh4FBw7KWn9UYB3JbgV6gBXhvilhxa1F4UHQ-ayPbOfcVj_XiDClgYH_zp81byB9Mx6nmyVnHF7NbhQx7G2lE4Sv8yzFUhIwTn3C4u_yC2eQloNu1VidHmvcHh1G20wa_QC5renxVbouvkH3I3fFFuO2Z7LBsEQHS9R5LcV_jwx9TMxqUcUR1MojybtzJmF74WCLeeFNw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Jun 2021 22:58:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7QBRXuWkD1TpFWr-QZUsjaJN3V-t_EcizT9OPskjPBpgZenSatlIGk1TT0MPuzLMvY4yxH339-nmhejJ_Hi7zVqzMvms8fmbuN_1uP928F4leL3oY3I6sSTO7ft9SzvU_M52w9ohe0hWJbYBGawq8XIZNAP9BbFnJjiTRLw-9T-SJVJnFjfzBxxkVIws5xajcncH2...
forzubatr.com/impression/ 		43 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forzubatr.com/impression/7QBRXuWkD1TpFWr-QZUsjaJN3V-t_EcizT9OPskjPBpgZenSatlIGk1TT0MPuzLMvY4yxH339-nmhejJ_Hi7zVqzMvms8fmbuN_1uP928F4leL3oY3I6sSTO7ft9SzvU_M52w9ohe0hWJbYBGawq8XIZNAP9BbFnJjiTRLw-9T-SJVJnFjfzBxxkVIws5xajcncH2zvaN_shx3yQTOizasAU-VOqKk6EaV1yPopBEtl0FDKdIitKZkN33--qWoQdtlK6IsrimJKy0sSGMH9TmQDr7rTTumKULKtvfaHirlyJ7I91phZb1v3bj1pXLu6-moECsjHAnq9ft_V7V27XZVmrvnhhsWvKcFnLUegwiFxsG_RrHb4ICM2USlhtNK0t-vCNAoYatYjmFyfIK1mleiZxb5EtmEbaiZ1fMNs-vq5nkMKZCEptA0My5g-aLImCZKDz5ULHp41BM9Mu4WvK1-bAc3pln2u4LAOO__EiFEDai2eoE3D4YzVh6RlqPi9y-m-mk0vGkojzZ-hwYI3RX8kyVN8phLuEPkrd4z5-Ey8Ijsv9U5mORcp4HQKl2ny9I4tG4ZcYcPfkhptI8pjXEFtF0i9QHUkTLMLNkdukMXFXjlB6daQTvatGQk8pbTwEfrbvMnqqFaAGqWDNLCHFNXB_co3Xeoe_6XjtZWF0he7XP6VaWCu_Pk6tW0m7ltxwrRx6fqUN4aE=?z=3588244&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
7e543e051bb6a5ef0c26d08320e09f26
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:21 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
3588244
in-page-push.com/500/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3588244?excludes=9174733&oaid=d1d0156fd3c84787b2076e239fa34735&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3588244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7315c794c41cb083be2f77c2eaeaf45c21843e229af4591ae2aac3e78777d292
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
e0231a539df016a807f198810b63d281
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://bitfly.io
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
3588244
in-page-push.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3588244?excludes=9174733&oaid=d1d0156fd3c84787b2076e239fa34735&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.15 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://bitfly.io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 01 Jun 2021 22:58:21 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://bitfly.io
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ Frame 295C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3588244
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 22:58:28 GMT
Last-Modified
Thu, 08 Apr 2021 14:22:06 GMT
Server
nginx
ETag
"606f118e-932"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
2354
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		337 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117995
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:58:28 GMT
urlChecker
app.playstream.media/api/ 		15 B
199 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/urlChecker?url=https://bitfly.io/CZX3QW
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.218.130.94.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.6
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
br
server
nginx/1.17.10
x-powered-by
PHP/7.4.6
vary
Origin
content-type
application/json
access-control-allow-origin
https://bitfly.io
cache-control
no-cache, private
0165196649576.png
static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/0165196649576.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b6283228541f0e36e3c03382a2b73a4cca03df530032a278b8c0c08abfc9cea1

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 22:58:28 GMT
Last-Modified
Mon, 09 Nov 2020 08:52:32 GMT
Server
nginx
ETag
"5fa90350-2fec"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
12268
5476eb37-277e-4487-ac99-9b2f27efe40e
app.playstream.media/api/getVideos/ 		385 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/getVideos/5476eb37-277e-4487-ac99-9b2f27efe40e
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.218.130.94.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.6
Resource Hash
f6f667e3e7d34f7866b0f85caf579b62a7b7d611111f8071647556f8e974cf95

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 01 Jun 2021 22:58:28 GMT
cache-control
no-cache, private
server
nginx/1.17.10
content-encoding
br
x-powered-by
PHP/7.4.6
content-type
application/json
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
270p.m3u8
acdn.flickstree.com/video_teaser_videotone_full/ 		833 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/video_teaser_videotone_full/270p.m3u8
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:a00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c31c1ec5e746a2f0226d4672b0c0817f46abefcb655948ef51fa841334ca158

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:43:52 GMT
via
1.1 69b4ccb4caed8bb6a3a45a0df08d1447.cloudfront.net (CloudFront)
vary
Origin
age
2699
x-cache
Hit from cloudfront
content-length
833
last-modified
Wed, 09 Dec 2020 14:04:14 GMT
server
AmazonS3
etag
"3ed32b4b44d1158338ff9dfd7908787c"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
x-amz-cf-id
KndXXHFDrKHlWo-9huGwt7aLEoDoh6XRKCwgBrKSFzn3O_ay_7NnsQ==
bridge3.462.0_en.html
imasdk.googleapis.com/js/core/ Frame 1534 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.462.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36dc1de888fff353fb240c16a48f64b8efbb7a5b56be468972045a6ac782afec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.462.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bitfly.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bitfly.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192530
date
Sun, 30 May 2021 04:30:58 GMT
expires
Mon, 30 May 2022 04:30:58 GMT
last-modified
Thu, 27 May 2021 22:00:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
239250
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Tue, 01 Jun 2021 22:58:28 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=bitfly.io
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bitfly.io
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Jun 2021 22:58:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6F37 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2789
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Tue, 01 Jun 2021 23:11:59 GMT
270p_000.ts
acdn.flickstree.com/video_teaser_videotone_full/ 		207 KB
208 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/video_teaser_videotone_full/270p_000.ts
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:a00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e0be643e1b79d5d538320b552b5eb2cc806b1e176d0f8ca69b0f663285a4339

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:43:52 GMT
via
1.1 69b4ccb4caed8bb6a3a45a0df08d1447.cloudfront.net (CloudFront)
vary
Origin
age
2697
x-cache
Hit from cloudfront
content-length
212252
last-modified
Wed, 09 Dec 2020 14:04:14 GMT
server
AmazonS3
etag
"5a9c22a7ebea46a9cd1f36bcb17a5ef9"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
x-amz-cf-id
W2eOMVWfRDFWEhMwFPbRruq99BfN4UAdn0JiU8KkkyWY_Qf2f8SnVA==
ad64fab0-17bd-43aa-9231-4923aaa6c454
https://bitfly.io/ 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bitfly.io/ad64fab0-17bd-43aa-9231-4923aaa6c454
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98397cb87b3c3358a579b4e61db88aa8817e44d7de204f3e8708d4040295a6ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
62383
Content-Type
text/javascript
5476eb37-277e-4487-ac99-9b2f27efe40e
app.playstream.media/api/vmap/ Frame 1534 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/vmap/5476eb37-277e-4487-ac99-9b2f27efe40e?height=256&width=455&url=https%3A%2F%2Fbitfly.io%2FCZX3QW
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.462.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.130.218.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.84.218.130.94.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.6
Resource Hash
f50b7bd827b091ea32a4e8ba93b44cd7d624aea3cc1878ffddd55117fbd86285

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Tue, 01 Jun 2021 22:58:28 GMT
cache-control
no-cache, private
access-control-allow-credentials
true
server
nginx/1.17.10
x-powered-by
PHP/7.4.6
content-type
text/xml; charset=UTF-8
270p_001.ts
acdn.flickstree.com/video_teaser_videotone_full/ 		178 KB
179 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://acdn.flickstree.com/video_teaser_videotone_full/270p_001.ts
Requested by
Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218f:a00:8:3ed5:e880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9ef860564ea7ea1d5aecdc1e6236f51641c529dd0b5b6a317af1f8e7cfc672e

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 10:51:02 GMT
via
1.1 69b4ccb4caed8bb6a3a45a0df08d1447.cloudfront.net (CloudFront)
vary
Origin
age
43647
x-cache
Hit from cloudfront
content-length
182172
last-modified
Wed, 09 Dec 2020 14:04:14 GMT
server
AmazonS3
etag
"cc72aeeeb599c8aaed42a33ab2c39d9d"
access-control-max-age
0
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag
x-amz-cf-pop
CDG52-P2
accept-ranges
bytes
x-amz-cf-id
NwaY5Sugbi7chNfUNjDld00T6OcEx8yQnKvmVlG2uPbDvjukxr2c1Q==
ads
pubads.g.doubleclick.net/gampad/ Frame 1534 		156 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2FSPM_Adsolut_Bitfly%2FSPM_Adsolut_Bitfly_Floater_PreRoll&description_url=http%3A%2F%2Fbitfly.io%2F&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2700359377156853&sdkv=h.3.462.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3197081657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fbitfly.io%2Fd2600791-a150-490e-bf11-a3d8802e0348&sid=71285B6B-4116-446F-8693-E32ECB54ABF2&eid=420706109%2C44731965&url=https%3A%2F%2Fbitfly.io%2FCZX3QW&dt=1622588309009&cookie=ID%3D678cf513bb57cd1b-2249274850c8000d%3AT%3D1622588307%3AS%3DALNI_MZXW3FoAu77cvdH372pM_FgvQAANg&scor=3118419572217305&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.462.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.png
bitfly.io/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitfly.io/images/logo.png
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4756abd045e050f4ab3ead8aec9299b4cc4a15b08e6422642725372b9b2f03bb

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc; ab=2; __PPU_CHECK=1; __PPU_BACKCLCK_3782913=true; _ga=GA1.2.1960804604.1622588307; _gid=GA1.2.117018614.1622588308; _gat_gtag_UA_178495285_1=1; __gads=ID=678cf513bb57cd1b-2249274850c8000d:T=1622588307:S=ALNI_MZXW3FoAu77cvdH372pM_FgvQAANg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191846
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18964
cf-request-id
0a6b65d8ed0000d6b5e8a06000000001
last-modified
Wed, 02 Sep 2020 01:06:11 GMT
server
cloudflare
etag
"5f4ef003-4a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=na7nyyirjMtnybXwrcwN%2FWCj2aS4KEUjOZUi8gnlr75sWVZn1Gmnt9VDsA5XwFvdYyhNJBVctZKGV9SWwF5Kd3wWL9xj%2BfLg3seQohuciqzj6bNegou%2F2b0P9VsOaRz7IwV%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
658c0c07e981d6b5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
bitfly.io/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitfly.io/images/logo.png
Requested by
Host: bitfly.io
URL: https://bitfly.io/CZX3QW
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4756abd045e050f4ab3ead8aec9299b4cc4a15b08e6422642725372b9b2f03bb

Request headers

:path
/images/logo.png
pragma
no-cache
cookie
AppSession=9ftv0b6kgotbv97g4vc2tlt4tr; csrfToken=2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc; ab=2; __PPU_CHECK=1; __PPU_BACKCLCK_3782913=true; _ga=GA1.2.1960804604.1622588307; _gid=GA1.2.117018614.1622588308; _gat_gtag_UA_178495285_1=1; __gads=ID=678cf513bb57cd1b-2249274850c8000d:T=1622588307:S=ALNI_MZXW3FoAu77cvdH372pM_FgvQAANg
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bitfly.io
referer
https://bitfly.io/CZX3QW
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bitfly.io/CZX3QW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:58:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2191846
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18964
cf-request-id
0a6b65d8fa0000d6b5cd162000000001
last-modified
Wed, 02 Sep 2020 01:06:11 GMT
server
cloudflare
etag
"5f4ef003-4a14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WHKzadkdHku2Zultl7bcgzUaRP6GlmHPp7hR7dUxhsEHc6NgVv81zFCLh86%2BBxIfKJ9F3hHsPmtsjmB1gAqKlGEVxk1b68hx%2FRuBIZsfLJD86klgDEdQ3UvkXkGI3rNCybjT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
658c0c07f98dd6b5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
eyWTWn8XqYF9RYDyCXi0gM6vG-yZXUThj5cHxF-BJmLwbmx394d50O0UFUoC1xQO0Sq_WiGLLj-f27Ad-KJkWX90UiXvDysvCEjLFIK_8aDxRTN78GyMoT8oW4uHmiIlElBKuaRHEPR7ErOcAOlhOSTaF-5dulmOfcb6CrntspEa7d3S_Kj1peAyFcmJUdFpUvAjJ...
forzubatr.com/impression/ 		43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forzubatr.com/impression/eyWTWn8XqYF9RYDyCXi0gM6vG-yZXUThj5cHxF-BJmLwbmx394d50O0UFUoC1xQO0Sq_WiGLLj-f27Ad-KJkWX90UiXvDysvCEjLFIK_8aDxRTN78GyMoT8oW4uHmiIlElBKuaRHEPR7ErOcAOlhOSTaF-5dulmOfcb6CrntspEa7d3S_Kj1peAyFcmJUdFpUvAjJdbJwGaqltKKiNNIJ6ghaP3F7Qm0O7TX9UqAaPHrY0TZDjGBD4jrwXz4-mj3qKtdhS2kZa_X4Cg925Fx759cff5kgN6xtzSz6A7LlQvvDh_VDB63x_wSFUMJd0iwJDJzfdyA_N6ksW40gddsoIvRKkoV02X3KsALSflm84wCB33GrEROTMdv2GqHXVIx83M3osZj2yKNpeESuVL5j0GBpWsCiTEi4Jafmq5VAY7cVlpgYlOu05r0V9NjLiotTP5W3J1p9teFRH2kBL6gkQwiLI4BpMbNtbg_T4mlZGYeHquO01pMCSmpAs9bXKJZTaKdDavbxjrIrYzQTkRrsGxsoEstWjz-qDy8U03es9qkc7rWweSCkp5Q3ZKpDoQLpKTt5FeVz-eg-aPU0_ZP6OvWu7GMlJ0TFDeblf5lFVIpE-7CBv8Dj1GT_nQV6BCJt5MoEekd2i20B3naHJLwvzbhgw834LbjWADepzfqPeSarjUgZpXC1OiCix_KNNFuJ9Cr5bRdiMY=?z=3588244&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fbitfly.io%2FCZX3QW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://bitfly.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
2e0ecc93361daff4891b508c7b9c5d72
pragma
no-cache
date
Tue, 01 Jun 2021 22:58:26 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
content-length
43
expires
Wed, 31 Dec 1969 19:00:00 EST
0165196649576.png
static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/ Frame 295C 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/0165196649576.png
Requested by
Host: in-page-push.com
URL: https://in-page-push.com/400/3588244
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b6283228541f0e36e3c03382a2b73a4cca03df530032a278b8c0c08abfc9cea1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 01 Jun 2021 22:58:33 GMT
Last-Modified
Mon, 09 Nov 2020 08:52:32 GMT
Server
nginx
ETag
"5fa90350-2fec"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
12268

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| googletag object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| ps_floater string| k object| _6k8ep10uqkj object| 8v7564jruot object| zfgformats function| setImmediate function| clearImmediate function| _ivnts function| _zpxam object| s65c object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS function| gtag object| dataLayer number| cStart number| cEnd function| aPPUReinitialization object| webpushlogs object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| onClickTrigger boolean| zfgloadedpopup object| google_tag_data string| GoogleAnalyticsObject function| ga object| regeneratorRuntime object| PlayStream object| gaplugins object| gaData object| sdk object| recaptcha object| closure_lm_510844 boolean| installOnFly object| GoogleGcLKhOms object| google_image_requests object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_162447 object| closure_lm_949451

11 Cookies

Domain/Path Name / Value
zunsoach.com/ Name: OAID
Value: d1d0156fd3c84787b2076e239fa34735
.bitfly.io/ Name: _gat_gtag_UA_178495285_1
Value: 1
.bitfly.io/ Name: _gid
Value: GA1.2.117018614.1622588308
.bitfly.io/ Name: __gads
Value: ID=678cf513bb57cd1b-2249274850c8000d:T=1622588307:S=ALNI_MZXW3FoAu77cvdH372pM_FgvQAANg
.bitfly.io/ Name: _ga
Value: GA1.2.1960804604.1622588307
.bitfly.io/ Name: __PPU_BACKCLCK_3782913
Value: true
bitfly.io/ Name: ab
Value: 2
bitfly.io/ Name: csrfToken
Value: 2b7fd42b2482f29790111fb38657b6d5a39449c870031a585c7af301ad8e7ed69cd931d0f4c0b916acd98373e9bbc285d3faa96abc92b64d62be1a0982b31abc
zunsoach.com/ Name: oaidts
Value: 1622588307
bitfly.io/ Name: __PPU_CHECK
Value: 1
bitfly.io/ Name: AppSession
Value: 9ftv0b6kgotbv97g4vc2tlt4tr

2 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
service worker path (u): /sw_3969454.js event domain: https://shaidolt.com
console-api log URL: https://ads.adshort.media/video/floatern.js(Line 2)
Message:
%cPlayStream - %cThe response does not contain any valid ads. color:red; color:red

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.flickstree.com
ads.adshort.media
adservice.google.com
adservice.google.nl
app.playstream.media
bitfly.io
fce824c87fd89e93389d6ef1aaf112b0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forzubatr.com
imasdk.googleapis.com
in-page-push.com
l4s.cc
my.rtmark.net
pagead2.googlesyndication.com
pubads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
shaidolt.com
shockersheva.com
snodlycaccias.com
static.cdnativepush.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
zunsoach.com
139.45.195.8
139.45.196.195
139.45.197.15
139.45.197.188
139.45.197.238
139.45.197.248
142.250.181.226
142.250.185.130
172.255.6.45
2600:9000:218f:a00:8:3ed5:e880:93a1
2606:4700:3031::ac43:96cc
2606:4700:3035::6815:159d
2606:4700:3035::6815:23c7
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a00:1450:4001:809::2004
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2006
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
51.75.167.52
94.130.218.84
04b3d68d47e72bbb22e605a02a392a02feb7ca314e1d8914a257f68caf421259
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1246dbb130064584d246652a90f7fae8832c41e1d476b8bf158dbac44bf12b90
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c31c1ec5e746a2f0226d4672b0c0817f46abefcb655948ef51fa841334ca158
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
2b8e1701d64be0e5636bbf8c64a051cbb0e566ddfeb764e09e6ff41c3019b24b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
308c11f11c4190742d17016b1f498aaccb8807540eab270142a382d4787064c8
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
36dc1de888fff353fb240c16a48f64b8efbb7a5b56be468972045a6ac782afec
387ae00105a57442349d7b83bd0ad289ebf1f1c661acd3bdb789feb5662a39f9
3ce2404bfb5852056fb9d5955708dd8205457612d094f0c0787293d14472ab3d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2f16072b81a8a803fedb546306f30535627be74b9868d22c3c03cda2378a35
3ec613c52b9415b50d37cf22a29f89882700d595fe447ce49404c2a30d360eba
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
44f150d3e34d3188792477a387c135ea33b6090aaa90aa6de073e6fb5041df70
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4590e346e3a642255d0d9bec80ed8f9adf89f9f6e9a2fc514d8df9a6ec7090f1
4756abd045e050f4ab3ead8aec9299b4cc4a15b08e6422642725372b9b2f03bb
47a308905cc0408f5b2e3cbc5b54c3311e68fb692a0c3292d901bc81bfa64d14
482186b8a6ac0b84f41dac5f2f82376cda86b09132665824f76cd32d4dc65495
495aea9781ff09d6ed537dd8eb1bc2fcdc191503ab3df67bed3258f238d78542
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e60fcce6d9b7d3773e5553d9c24094c555bddc5b0aef2f6e4d46dc6c326e53c
517ea8293ed64288ce39c63c19b9d3bc425e119b860b2c2637193360cb62c997
5211fb2ecf9406fc2fb2211edff7cd907c7b93119b819f98adeabea60498f1cc
54fe6b487193b650bfbd58c2353a27f947d7308be30f652205ac7c7f92c7e19c
5eaa9d6b2ef974d28c6a444faa1d4d5a4f734cb809cdae0ec4cdb3f10c9e9c8c
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6212ac317089e04c16dff348a910633e01008c0502c1860a22e6c557fd3fc9e4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0be643e1b79d5d538320b552b5eb2cc806b1e176d0f8ca69b0f663285a4339
6eff65f2a8eb488e25dbca7a506949b599a8f05b522ee54edab296459f8efbcf
7315c794c41cb083be2f77c2eaeaf45c21843e229af4591ae2aac3e78777d292
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d450ef5575c1266542dc9c9831d3d338ee4fe3d5db95a93b64fcc4b9d665ba8
8e6780931b0022c8ca4fb9acde07f6f29df1750683213c47f03827c07afe7223
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
98397cb87b3c3358a579b4e61db88aa8817e44d7de204f3e8708d4040295a6ac
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a3321e8c72b74df4b388a8e90b5c6cbb6ccf2de74de6d2122d2e89543003ac3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9deecd3d687dde6711ba915d5f9f3a8434dabf48223c59753e5616580b71bd4
b4b13b091264448af149e519f01f3838360a69f04c20e42583b0a942ca912d4b
b6283228541f0e36e3c03382a2b73a4cca03df530032a278b8c0c08abfc9cea1
be3b48dbe04f652fba8973decb94e84bf9e06fd3b0d0beddfe8859d11ccd7576
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ef860564ea7ea1d5aecdc1e6236f51641c529dd0b5b6a317af1f8e7cfc672e
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
eedc9ababed50cc5dd5b24fed33dd3f996f8a687c39b5d7468622e67d059de70
f4807ed83c91f686e0676acd644e72feb809a57993aa6b4fc1e12dc6906e0576
f50b7bd827b091ea32a4e8ba93b44cd7d624aea3cc1878ffddd55117fbd86285
f560daca1101514999b3b7fd3c5f87507e52d301abd49925f0208e21a2e43964
f6f667e3e7d34f7866b0f85caf579b62a7b7d611111f8071647556f8e974cf95
fbca3164c2ab7bb24203a8a79278777279df50ce763ee96a69c2224a432368ed
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881