URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Submission: On December 02 via manual from PH — Scanned from DE

Summary

This website contacted 28 IPs in 5 countries across 27 domains to perform 68 HTTP transactions. The main IP is 2606:4700:20::681a:99b, located in United States and belongs to CLOUDFLARENET, US. The main domain is gestyy.com.
This is the only time gestyy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:215... 16509 (AMAZON-02)
10 139.45.197.250 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 13.32.121.11 16509 (AMAZON-02)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:b4a:1:7:... 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 139.45.195.8 9002 (RETN-AS)
1 151.101.66.137 54113 (FASTLY)
1 2 139.45.197.238 9002 (RETN-AS)
1 162.247.243.147 13335 (CLOUDFLAR...)
5 139.45.197.181 9002 (RETN-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 139.45.197.240 9002 (RETN-AS)
1 4 2a02:6b8::1:119 208722 (YNDX)
2 139.45.197.251 9002 (RETN-AS)
1 139.45.197.239 9002 (RETN-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
68 28
Domain | Requested by
10 ptauxofi.net | gestyy.com, ptauxofi.net
6 connectedit.co | gestyy.com, d301cxwfymy227.cloudfront.net
5 ourcoolstories.com | ourcoolstories.com
4 equiremuke.co | d301cxwfymy227.cloudfront.net
4 d301cxwfymy227.cloudfront.net | gestyy.com, equiremuke.co
4 gestyy.com | gestyy.com
3 mc.yandex.com 1 redirects | ourcoolstories.com
3 propeller-tracking.com | ourcoolstories.com, propeller-tracking.com
3 my.rtmark.net | gestyy.com, shorteh.com, incorphishor.com
3 static.sh.st | gestyy.com
2 www.google.com 1 redirects | incorphishor.com
2 yonhelioliskor.com | ourcoolstories.com, yonhelioliskor.com
2 shorteh.com 1 redirects | static.sh.st
2 accounts.google.com | gestyy.com
2 www.google-analytics.com | gestyy.com, www.google-analytics.com
1 google.com 1 redirects |
1 incorphishor.com | ourcoolstories.com
1 mc.yandex.ru | ourcoolstories.com
1 littlecdn.com | ourcoolstories.com
1 bam-cell.nr-data.net | js-agent.newrelic.com
1 ads.shorte.st 1 redirects |
1 js-agent.newrelic.com | gestyy.com
1 freychang.fun | d301cxwfymy227.cloudfront.net
1 yfetyg.com | yqmxfz.com
1 www.facebook.com | gestyy.com
1 analytics.shorte.st | static.sh.st
1 fonts.gstatic.com | fonts.googleapis.com
1 www.googletagmanager.com | gestyy.com
1 yqmxfz.com | gestyy.com
1 fonts.googleapis.com | gestyy.com
68 30

This site contains links to these domains.

Domain
shorte.st
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)
ptauxofi.net | R3 | 2021-11-26 - 2022-02-24 | 3 months (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-03 - 2022-06-02 | a year (crt.sh)
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year (crt.sh)
equiremuke.co | Amazon | 2021-12-01 - 2022-12-30 | a year (crt.sh)
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-10 - 2021-12-09 | 3 months (crt.sh)
accounts.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)
yfetyg.com | R3 | 2021-10-19 - 2022-01-17 | 3 months (crt.sh)
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year (crt.sh)
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-10-06 - 2022-11-07 | a year (crt.sh)
shorteh.com | R3 | 2021-11-03 - 2022-02-01 | 3 months (crt.sh)
*.nr-data.net | DigiCert SHA2 Secure Server CA | 2020-02-05 - 2022-02-08 | 2 years (crt.sh)
ourcoolstories.com | R3 | 2021-11-15 - 2022-02-13 | 3 months (crt.sh)
propeller-tracking.com | Sectigo RSA Domain Validation Secure Server CA | 2021-10-22 - 2022-11-06 | a year (crt.sh)
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months (crt.sh)
yonhelioliskor.com | R3 | 2021-09-13 - 2021-12-12 | 3 months (crt.sh)
incorphishor.com | R3 | 2021-11-19 - 2022-02-17 | 3 months (crt.sh)
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months (crt.sh)

This page contains 6 frames:

Primary Page: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Frame ID: 1D2D25BBF533B57DCA8191626E28497B
Requests: 40 HTTP requests in this frame

Frame: http://equiremuke.co/TlZYb1YvNDsCaS9rOkkjPDplSmQIc2opMn1maQwuOTAhAi98ZG9BNSI5LQswPDk2G3ggMyxKZAg1CzpnCwQPPicHPzcFATRmMyYeJjI9XD43MB4tIAQsOx4VJDovLg4tFBMVIQcQIhhjAR4RPAckZmsmHiYDOhYTIh0vIWYvLx0dFH0EYDY/HxcTXBQ5DyAuYwc/YVsVJGI2IwIXARMWNTobMyZuAh4zABU0GzMkFSUQOiduDTUdH2MvHgJeAgpiMyQ/CxoIBWMmMmk+OAEBHlwABj5hDjgYFD0IbyYyaT5zfBQSLCY0Ax8Xc3wUGgIUGTMMOS8tA2kcMH17CQQQCj0wJgIHFBMWDzobDSlhDWUeXQN8Mn1dFC07GjgzGQMuIwQPPRE4EH0cahdzfBA8LD0AHzEHPipnCRodDTUtLGQMOTwBAwYfDFckBRceHDA5HGA6OypvOQEQHTBrAyctAB4cMH0Hai0FdiUWBi4MMy8bLio6FgEwIBwyKg4fcDIcOSAmZSpkKzQpIwQWJi1ZAQ
Frame ID: 7DE73C8061B1D2EEED76942FDC85FCC6
Requests: 2 HTTP requests in this frame

Frame: http://equiremuke.… [URL truncated in source]
Frame ID: B1CC637E382CC89A85DB4C0B4A864A1C
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: EC7BE471FA6E6A7A17A4E7D1FCF2C519
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/?gws_rd=ssl
Frame ID: 83349DB1DAF2499E62A8282611B1ABDA
Requests: 18 HTTP requests in this frame

Frame: https://ourcoolstories.com/templates/_assets/push-skin/skin.html
Frame ID: F030DB1C41730FC060E9F1F5D56471D2
Requests: 3 HTTP requests in this frame

Page Title

Earn money on short links. Make short links and earn the biggest money - shorte.stsawssad-ninja-vector-full-export-v2

Page Statistics

68 Requests
71 % HTTPS
64 % IPv6
27 Domains
30 Subdomains
28 IPs
5 Countries
644 kB Transfer
1497 kB Size
21 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 43
  • http://ads.shorte.st/ads.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=539723&cp.dest_domain=download.wowdl.net&cp.oid=539723&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_status=1&cp.vno=1&cp.enc_url=m8JLaqM4p99T02kDaV++c7I1qHq2qsNNyhexrw2WC4WjjnoEHYZYjAsCNOJLhZtBkMBH7qH44SwTQZ3vb0q+mg==&cp.asid=6f22d3815702bb8bd8eb8ea252a58cf149c4c941&title=&description=&keywords=&captcha_verified=0 HTTP 302
  • https://shorteh.com/afu.php?zoneid=1241630
Request Chain 50
  • https://shorteh.com/?z=1241630&syncedCookie=true HTTP 302
  • https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Request Chain 63
  • https://mc.yandex.com/watch/67238875?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1244011827523%3Ahid%3A804324124%3Az%3A0%3Ai%3A20211202080356%3Aet%3A1638432236%3Ac%3A1%3Arn%3A711714282%3Arqn%3A1%3Au%3A163843223623045770%3Aw%3A1600x1107%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638432235860%3Ads%3A6%2C42%2C41%2C1%2C17%2C0%2C%2C28%2C1%2C%2C%2C%2C139%3Adsn%3A6%2C42%2C41%2C1%2C18%2C0%2C%2C32%2C0%2C%2C%2C%2C140%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638432236%3At%3AZulassen%20dr%C3%BCcken&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1244011827523%3Ahid%3A804324124%3Az%3A0%3Ai%3A20211202080356%3Aet%3A1638432236%3Ac%3A1%3Arn%3A711714282%3Arqn%3A1%3Au%3A163843223623045770%3Aw%3A1600x1107%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638432235860%3Ads%3A6%2C42%2C41%2C1%2C17%2C0%2C%2C28%2C1%2C%2C%2C%2C139%3Adsn%3A6%2C42%2C41%2C1%2C18%2C0%2C%2C32%2C0%2C%2C%2C%2C140%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638432236%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 68
  • http://google.com/ HTTP 301
  • http://www.google.com/ HTTP 302
  • https://www.google.com/?gws_rd=ssl

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request eopsRV
gestyy.com/
120 KB
52 KB
Document
General
Full URL
http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u13
Resource Hash
dd9445c957df98bf934db24def85c911957ce1adb3f3e3cc6e14fa3f7f63c50d
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u13
Cache-Control
no-cache
X-Frame-Options
DENY
X-Server-ID
shn12
X-UA-Compatible
IE=Edge
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pfoIHRL45S3toEa6NCWcYGtnfZBpb6WEtRjQNFzxedyEXp07XpdfxwWeW%2B8CR3a7CJ1yjZc345LhSzxP9xc%2B5Lnam7Oo2unXGfIw%2FEYY%2Bw094lse1RGDr5qaRBvkez5sD9Bv6e33RQ%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b730a9989374a80-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:13:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 08:03:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 08:03:54 GMT
tracking.gif
gestyy.com/bundles/advertisement/img/
0
755 B
Image
General
Full URL
http://gestyy.com/bundles/advertisement/img/tracking.gif?test=6f22d3815702bb8bd8eb8ea252a58cf149c4c941
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
0
X-UA-Compatible
IE=Edge
Last-Modified
Tue, 02 Nov 2021 10:46:11 GMT
Server
cloudflare
ETag
"618116f3-0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EszI3YIX9HSlwaWoR5%2BQFSORTe%2F4XIhYroz9Up3O8cXJXehtFV0ifhHu7vLhzVtcjL%2BlAqDlpEyDCcpaUdNsr%2B%2FgyM0rwTikhWRrAJZJ0fUE5nQRgJMAh0uIiUu4fQ2uidkYK%2F7bSE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn12
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6b730a9a8b034a80-FRA
advertisement-tracking-539723.gif
gestyy.com/bundles/smeweb/img/
43 B
769 B
Image
General
Full URL
http://gestyy.com/bundles/smeweb/img/advertisement-tracking-539723.gif?t=1638432234
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOl7NzBoNDC9aWuyfsC8MHytHAmV3pAIrs1PnqJMukxTbCzAgp5VtqWkZhoi3lxzOjvY42kCnKnbmF5cE5PClhnu48b6sEyneYUVdsBDjXh8%2Bdk2PSZ4f3xRzybOSO31Qj2SW6FtObE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn11
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6b730a9adb7b4a80-FRA
tracking-539723.gif
gestyy.com/bundles/smeweb/img/
43 B
779 B
Image
General
Full URL
http://gestyy.com/bundles/smeweb/img/tracking-539723.gif?t=1638432234
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfDvT5r9UQYNC6zr019mU89KdXkBK7FpmtAlsUrvPDapc3HoiWx2jXSk3TGW26NkYd%2FbFB5crv2OnWnSmMJGUDvif78wKrdp%2F5sZuOg%2FIUYSBWNGgsSnb8ZzVKjN3i7y%2B%2BK%2FFK3oW18%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn03
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6b730a9ad9b46922-FRA
logo1707.png
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/
6 KB
7 KB
Image
General
Full URL
http://static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2021-11-02.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
75097
Connection
keep-alive
Content-Length
6226
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 17 Jul 2015 13:29:04 GMT
Server
cloudflare
ETag
"55a90320-1852"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFADTu85czv4DIGMiRCvWFWitslUvPTWH8TL4oVZzBxAlJy86ycWYC55xoITXg6UAfseKcdtm%2Ftqlwd%2B5nwVRln%2FAxT01AwUrd38t5xq%2B0nFvjuc3wdnA8DP23Pj84NVLNQRPlXBJN1wSw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn11
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
6b730a9aeae84e6d-FRA
Expires
Thu, 02 Dec 2021 11:12:17 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1732
date
Thu, 02 Dec 2021 07:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 09:35:03 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
interstitial-page.js
static.sh.st/js/packed/
79 KB
25 KB
Script
General
Full URL
http://static.sh.st/js/packed/interstitial-page.js?2021-11-02.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c54f0919d2baea1c89172b3f0bbe2706744643826f319e933b9eb0223e78ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
75099
Cf-Polished
origSize=101982
Transfer-Encoding
chunked
Connection
keep-alive
X-UA-Compatible
IE=Edge
Expires
Thu, 02 Dec 2021 11:12:15 GMT
Last-Modified
Tue, 02 Nov 2021 10:47:13 GMT
Server
cloudflare
ETag
W/"61811731-18e5e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3ASNHX8XpakCFjV%2BALf6I3ooDE%2FE36TbLq1Jv5xFmm7NRT7kQ2QCYH9lsntkH0iaE5lkZYgbCPzOldvbBTCJDsiD%2B%2F37qtLl8vUv73a%2BsbPgiKXJslbcly0Rr2zY9MYMOeQZdpwYzTMMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Server-ID
shn05
Cache-Control
max-age=86400
CF-RAY
6b730a9aefc242e1-FRA
Cf-Bgj
minify
/
d301cxwfymy227.cloudfront.net/
304 KB
97 KB
Script
General
Full URL
http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2600:9000:2156:3000:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eea3222b97ee716a699e47886b2f4471a1257a3362007a874f6c53c87dd1200f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Dec 2021 07:23:42 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
2412
X-Cache
Hit from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
X-Amz-Cf-Pop
FRA50-C1
Content-Length
99188
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xpH3gTYMVKnG42iDBhcaLmmWZNJ3tcBFqjbjNi-AnOamgTSY_WeKXA==
tag.min.js
ptauxofi.net/pfe/current/
15 KB
6 KB
Script
General
Full URL
https://ptauxofi.net/pfe/current/tag.min.js?z=4157053
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
57a9c6cd97e6b79a42cbcf962f90500d2a0e1ea9c1a56845ee402964b2af5e6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 12:53:28 GMT
server
nginx
etag
W/"61979e48-3c1d"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
waWQiOjExMDIzNjAsInNpZCI6MTExOTM0NSwid2lkIjoyODEzMjcsInNyYyI6Mn0=eyJ.js
yqmxfz.com/pw/
119 KB
46 KB
Script
General
Full URL
https://yqmxfz.com/pw/waWQiOjExMDIzNjAsInNpZCI6MTExOTM0NSwid2lkIjoyODEzMjcsInNyYyI6Mn0=eyJ.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:155b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c96e5c31caef7a69880681bfc5a73b423b39610767c463e3fbe444488b5dc38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag
7ca5b4639974a42756b4a9a7be5f0fca
age
1734
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 02 Dec 2021 07:35:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtpUlj0m9uKJnt7W2VgZqAxfhC6gHZ8mwvYUrBZj8yTK90gY%2BuC40%2FDxpav75C7ROdtHMZmPR41wXDUoL%2BrG7HXuS%2FZXmGmLnqUez%2Bfpe8CjLxANCGBXcmi2lg3xTYUFBqEz2NWgexhF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://gestyy.com
cache-control
max-age=14400
cf-ray
6b730a9cdc25d6f5-FRA
gtm.js
www.googletagmanager.com/
74 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c2f5586dc8758e29d2994722ab3238d2e076441f44bd76cb082309067503238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29866
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 08:03:55 GMT
widget-sprite.png
static.sh.st/bundles/smeweb/img/
83 KB
83 KB
Image
General
Full URL
http://static.sh.st/bundles/smeweb/img/widget-sprite.png?2021-11-02.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
HTTP/1.1
Server
2606:4700:20::681a:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:54 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
75080
Connection
keep-alive
Content-Length
84545
X-UA-Compatible
IE=Edge
Last-Modified
Tue, 02 Nov 2021 10:46:11 GMT
Server
cloudflare
ETag
"618116f3-14a41"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqwG9n%2FT29dUQk0IcOWC2EJ3k4Hi7VBDTr2Y3%2FOXl7GBJHzAJKquIZzhnyo3VfJuYcIk5Fn%2FKEr4ed3B8ZRaqz3c15CB6fUicIoiqo22ZJUw1dkhpQCE2g5Ie5pHGn5CXb%2Bzi5odXokxew%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn13
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
6b730a9aea2f5cb6-FRA
Expires
Thu, 02 Dec 2021 11:12:34 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://gestyy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:19:18 GMT
x-content-type-options
nosniff
age
139477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 17:19:18 GMT
displayed
analytics.shorte.st/ Frame
0
0
Preflight
General
Full URL
http://analytics.shorte.st/displayed
Protocol
HTTP/1.1
Server
2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
http://gestyy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Referrer-Policy
same-origin
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXv5nNcHkn53iIHQMKHGEZurOhByjNJ2MchFBGnZ3PInWy44jtfaEyzXEYYLNcL1OOcH65m5qfbWYk3tPWlXpKJ8exgAjRE1Mbf6gbQV4LcumrtaXCm1kWStRPacb0nfTKTDR0hGtr5pl1EJQCeGU5k%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b730a9cfa992bdd-FRA
Content-Encoding
gzip
displayed
analytics.shorte.st/
0
0

/
d301cxwfymy227.cloudfront.net/
47 B
453 B
Fetch
General
Full URL
https://d301cxwfymy227.cloudfront.net/
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3000:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 07:23:45 GMT
content-encoding
gzip
age
2410
x-cache
Hit from cloudfront
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
73
via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-id
-xWFGrgpXVbmQ8V2msmExzvRiymJ0Sk4UamXO9ky96UzytgKmvgP2A==
utx
equiremuke.co/
0
411 B
XHR
General
Full URL
https://equiremuke.co/utx?cb=xUei2gNyLric&top=gestyy.com&tid=925694
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-11.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
Zg_pjDxUokGbb3szXvbmgQsoJBpqTnasykj7vTXxDOEG7ypCIi2kcg==
CxoIBWMmMmk+OAEBHlwABj5hDjgYFD0IbyYyaT5zfBQSLCY0Ax8Xc3wUGgIUGTMMOS8tA2kcMH17CQQQCj0wJgIHFBMWDzobDSlhDWUeXQN8Mn1dFC07GjgzGQMuIwQPPRE4EH0cahdzfBA8LD0AHzEHPipnCRodDTUtLGQMOTwBAwYfDFckBRceHDA5HGA6OypvO...
equiremuke.co/TlZYb1YvNDsCaS9rOkkjPDplSmQIc2opMn1maQwuOTAhAi98ZG9BNSI5LQswPDk2G3ggMyxKZAg1CzpnCwQPPicHPzcFATRmMyYeJjI9XD43MB4tIAQsOx4VJDovLg4tFBMVIQcQIhhjAR4RPAckZmsmHiYDOhYTIh0vIWYvLx0dFH0EYDY/Hxc... Frame 7DE7
3 KB
2 KB
Document
General
Full URL
http://equiremuke.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
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
HTTP/1.1
Server
13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-11.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
7feaaccec6c1dd4a6130d53515de689229ba0485c90278bacfc9d5a699cc4d12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

Content-Type
text/html
Content-Length
1232
Connection
keep-alive
Date
Thu, 02 Dec 2021 08:03:55 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
0eyvoAJaPB0VWzsN3RePiMaRgUv_IsDmXcn2zn-0-8DKuWa23fwT6Q==
utx
equiremuke.co/
0
410 B
XHR
General
Full URL
https://equiremuke.co/utx?cb=gGdwOjOpJi8j&top=gestyy.com&tid=934375
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-11.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
pi-D69t74knSlvA8_9-5aBQ13k6ad-wX9Sq_3oZQX3xjb-2WP7z2bw==
OjB9WnF5KiMHMzMvPQcoI2chDTJyewlQFzp4FgkCHiEOAh8YDRsxAwcPGiQlASU9MDEzIg0RNR8RCyIXGTE7XQsgBD0tLQ55BwZyNBoMMhc2DHoNDyAEaloAARseBgctPRkpdAYEHykpBy0kGzUQD38YExMQKT8FJCwEDzYOAjcYY2ULBz4IcnsJKQI0GhgRchUGG...
equiremuke.co/T2hGV0kuCiU6di5VJHE8PQR7cnsJTXQRLXxYdzQxOA4/ Frame B1CC
3 KB
2 KB
Document
General
Full URL
http://equiremuke.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
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
HTTP/1.1
Server
13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-11.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
b636e7f8d2c6a9fc553d5b48af17c9d6a7f77b088ca722600badb6a5762345e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

Content-Type
text/html
Content-Length
1228
Connection
keep-alive
Date
Thu, 02 Dec 2021 08:03:55 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
1TPHwVx0tIwWRhtorwfnJk8z76ipzWEb_wMBSYwfAhjXJpjczaDdjQ==
ejFFWmZVDiYpWytlFCA3AHd1HjcoSwYCNzRwDTUjGVYMGQIdUmMuDx4MfGhTTAhxfBYTVXhrQAlFJC4TCQx0fA8UVypnQAwMdHRVTh93aUhNFzBnV1xFNTsBRwBjKhIOXXhrUEkJcWlUSAJwalVM
connectedit.co/
0
533 B
Image
General
Full URL
https://connectedit.co/ejFFWmZVDiYpWytlFCA3AHd1HjcoSwYCNzRwDTUjGVYMGQIdUmMuDx4MfGhTTAhxfBYTVXhrQAlFJC4TCQx0fA8UVypnQAwMdHRVTh93aUhNFzBnV1xFNTsBRwBjKhIOXXhrUEkJcWlUSAJwalVM
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TdBx5%2BtGtlrDvef5zXsBIfWT9tzbHZ7BdQ89COgQHaxW5zqTYEno7TB0kLvWQiqmISRBWP4AhWGcXKqyuRIxBONjxcaO5oznlJ7PeZ1C5XEq%2FfUlmV2J3sVBSAXqHSHgaiKz6ym2TGAXiW4Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6b730a9d7f576922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

djBWU3RZDzUgSSADFBo5IwExADwBdTIEIjVWMTtAL2UcdkYwcSF1AB9Ua2pHQgNhZlIGWTJuRVBDIjIAA0NrYlIfXjA8SVBGa2JaRQR4YUdYB3AmSUcWIiMVEQ1ndQQCRDpuRUADbmdHRAJlZkRAAA
connectedit.co/
0
260 B
Image
General
Full URL
https://connectedit.co/djBWU3RZDzUgSSADFBo5IwExADwBdTIEIjVWMTtAL2UcdkYwcSF1AB9Ua2pHQgNhZlIGWTJuRVBDIjIAA0NrYlIfXjA8SVBGa2JaRQR4YUdYB3AmSUcWIiMVEQ1ndQQCRDpuRUADbmdHRAJlZkRAAA
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2LiGfPadyuMJE0lfd0L9zpnSzTRl0Xg1D2EorxGLEqovehIRJ8KKUcDHmfk2d59tREQewIMDBQixH1S5zpe3CupKKW5IwKqYpnbqa9NPGtemyraa5qny2tw%2FBvjMk3wLR%2FAv1zlqcePR6SboQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6b730a9d7f5b6922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
zone
ptauxofi.net/
735 B
1018 B
Fetch
General
Full URL
https://ptauxofi.net/zone?pub=0&zone_id=4157053&is_mobile=false&domain=gestyy.com&var=&ymid=&var_3=
Requested by
Host: ptauxofi.net
URL: https://ptauxofi.net/pfe/current/tag.min.js?z=4157053
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a957910dfed84ef772accf0a0ceb2e7a55a0de9faf7aa254079760973fbc5932
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id
c60e13d15bfb623a4e69b96f691feb5f
date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
735
universal.min.js
ptauxofi.net/pfe/current/
105 KB
38 KB
Fetch
General
Full URL
https://ptauxofi.net/pfe/current/universal.min.js?v=3.1.343
Requested by
Host: ptauxofi.net
URL: https://ptauxofi.net/pfe/current/tag.min.js?z=4157053
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ce751c1a36f19a34d9116b17e472f75bd51357e4f835a5c8a1b36689f56c9099

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 12:53:28 GMT
server
nginx
etag
W/"61979e48-1a3b9"
content-type
application/javascript
access-control-allow-origin
http://gestyy.com
cache-control
no-cache
access-control-allow-credentials
true
collect
www.google-analytics.com/j/
2 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1771549704&t=pageview&_s=1&dl=http%3A%2F%2Fgestyy.com%2FeopsRV%3Futm_source%3D%26utm_medium%3DQL%26utm_name%3D1&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=914333773&gjid=194767017&cid=474181581.1638432235&uid=539723&tid=UA-42296749-1&_gid=1900101580.1638432235&_r=1&_slc=1&cd2=2021-11-02.0&cd7=539723&cd5=0&z=11252076
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gestyy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
wnload
yfetyg.com/
0
128 B
Fetch
General
Full URL
https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjExMDIzNjAsInNpZCI6MTExOTM0NSwid2lkIjoyODEzMjcsImQiOiJnZXN0eXkuY29tIiwibGkiOjJ9&tz=0&if=0
Requested by
Host: yqmxfz.com
URL: https://yqmxfz.com/pw/waWQiOjExMDIzNjAsInNpZCI6MTExOTM0NSwid2lkIjoyODEzMjcsInNyYyI6Mn0=eyJ.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:b4a:1:7::9273:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 02 Dec 2021 08:03:55 GMT
access-control-allow-credentials
true
server
nginx/1.18.0
content-length
0
content-type
application/javascript; charset=utf-8
f87c831d-6523-476d-ab4d-853bb883e7bc
http://gestyy.com/
91 B
0
Other
General
Full URL
blob:http://gestyy.com/f87c831d-6523-476d-ab4d-853bb883e7bc
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
91
Content-Type
application/javascript
ZFBWU1lLbzUgZCsWMWcLIzcGChgcKAMSKRUUOGI9ID05Az0DdiI6PVlpZWdqU2VwIzAAbWd1KhAxIiYqWWNmY2hCOTg1NllgZmNoQiZrYndXZHhhakpncCZkVXYiIzgDbWd1KRAkOm5oUmNuZ2pWYmVmbVBo
connectedit.co/
0
549 B
Image
General
Full URL
https://connectedit.co/ZFBWU1lLbzUgZCsWMWcLIzcGChgcKAMSKRUUOGI9ID05Az0DdiI6PVlpZWdqU2VwIzAAbWd1KhAxIiYqWWNmY2hCOTg1NllgZmNoQiZrYndXZHhhakpncCZkVXYiIzgDbWd1KRAkOm5oUmNuZ2pWYmVmbVBo
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekhCtHhFNFHBx1fZxAOlN8cosgBmZR57PBfYCYqhJg1yR9TDU8s0olqwLCU5RBM4OUTIUsFeAkXiodYGHf8PqTcguTzbcXZ6Rz9%2Fe%2FLETozqZsJ7JEzsYuRnXw5%2BRn7L1ofpV023IuExy9gWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6b730a9faa8f6910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
AAA2Z1whICF0DnMcGlVQbFpGB1RhTgNYCWhZVUIZNBwGQlBmWEMASzwGFV5QZVhDAEsjVUIfXmFGQQJDYk4GDFxzHANQCmhZVUEZIQROAFtmUEcCX2dbRgVZbQ
connectedit.co/MW1VaHMeUjYbTmsqZFoQaSsHPjZ3LwY+NWQ/
0
513 B
Image
General
Full URL
https://connectedit.co/MW1VaHMeUjYbTmsqZFoQaSsHPjZ3LwY+NWQ/AAA2Z1whICF0DnMcGlVQbFpGB1RhTgNYCWhZVUIZNBwGQlBmWEMASzwGFV5QZVhDAEsjVUIfXmFGQQJDYk4GDFxzHANQCmhZVUEZIQROAFtmUEcCX2dbRgVZbQ
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TtnRarM5SVMlCbzQOPlzu7LSoWvzWCMrnlpFe4LFG73ZGyHcjTBG%2Ftc6%2BgsBiC%2Btj4wx%2BllMCU7PwsCy4eoUkJXUYjger73trJTvKFdFq3tBEunNHXEnPHX5cole2iMst9QaXyvioc2e3Xduw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
6b730a9faa8c6910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
freychang.fun/
15 B
721 B
Fetch
General
Full URL
https://freychang.fun/?f=d56b345256d487a765c8e19bc3389dc2
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c1b2700d7b5eaa2ff7fa0cbce701f1c23b65e45e880411a9940e8e9e32c92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://gestyy.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJEqkQsdzdqx344b%2FXgO5UaY8Mk4k5I2YcTYwcXPq1JWaSrgIDEg9ECBtlMG96mzzVE0g3tESRfYsqsKKEETJ71igfF8Kcj1%2FtmPCKCWnzuAoZ0HvB78%2FhJCK2dncAcA77kHRLI9Dzqxtwl6"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6b730a9fcb744e0d-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dCkNIihhd1QuKCcuC2BodnUHIT8rKAFsfwJ8Umd9anFSf3lqcVFsf3Q2BS8sNixBewtxdlNnfnJjEXQ
d301cxwfymy227.cloudfront.net/cSU1ERWQqIiojWz0kIHhde3hyfFBvJzcqCjlwAXcBKzwIFzw5OHISQj03IHhUbyElKwN0ayErB3R8YiQAK3BwYxA5Ii94Cj4nLTYWKyctMkI8LHkoCzMkKCkFbH8CcEp5aHZ1TD4kKiELPj5hd1QnOWF3VHh9anVBeg9hd1... Frame 7DE7
688 B
894 B
Script
General
Full URL
http://d301cxwfymy227.cloudfront.net/cSU1ERWQqIiojWz0kIHhde3hyfFBvJzcqCjlwAXcBKzwIFzw5OHISQj03IHhUbyElKwN0ayErB3R8YiQAK3BwYxA5Ii94Cj4nLTYWKyctMkI8LHkoCzMkKCkFbH8CcEp5aHZ1TD4kKiELPj5hd1QnOWF3VHh9anVBeg9hd1Q+JCpzUGx+BmBWeTVycU1sf3-QkFDkhITIBKyYtMUF7C3F2U2d+cmBWeWUvLRAkIWF3J2x/dCkNIihhd1QuKCcuC2BodnUHIT8rKAFsfwJ8Umd9anFSf3lqcVFsf3Q2BS8sNixBewtxdlNnfnJjEXQ
Requested by
Host: equiremuke.co
URL: http://equiremuke.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
Protocol
HTTP/1.1
Server
2600:9000:2156:3000:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
80015d6f0abcc16f1dc20b62befd496a2d649447d498885a6dea4cf3ad30d751

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://equiremuke.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
507
Via
1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Amz-Cf-Id
8QTojNkNgLXEOUgTfpqX6KHJyJ-b6NyyK4todiK_rWJbyFIhqsSZ1Q==
ADcSWy4BOU0ABFh2WBdwXXAfWywJNx9BZ19oBkZnX2hZAmxdfVtwZ19oH1ssW2xNAQBIalhKdFlxTQByDC-gYXicaPQpZKxl9WnR3Xm9GAXRIalgaKQUsBV5nXxtNAHIBMQNXZ19oD1chBjdBF3BdOwBALQA9TQAEVG5GAmxZbl4GbFltTQByHjkOUzAEfVp0d15v...
d301cxwfymy227.cloudfront.net/8Qm1YaDIhAjYODTYEPFULcVlrXwdkBysHXDJQNxt5MwMrEkY0Hn4cSCZQaE5eIwM/VRQnAztVA2QMPAoPdkssGF0pUDYfWCseKgpYKxp+HVN/ Frame B1CC
646 B
859 B
Script
General
Full URL
http://d301cxwfymy227.cloudfront.net/8Qm1YaDIhAjYODTYEPFULcVlrXwdkBysHXDJQNxt5MwMrEkY0Hn4cSCZQaE5eIwM/VRQnAztVA2QMPAoPdkssGF0pUDYfWCseKgpYKxp+HVN/ADcSWy4BOU0ABFh2WBdwXXAfWywJNx9BZ19oBkZnX2hZAmxdfVtwZ19oH1ssW2xNAQBIalhKdFlxTQByDC-gYXicaPQpZKxl9WnR3Xm9GAXRIalgaKQUsBV5nXxtNAHIBMQNXZ19oD1chBjdBF3BdOwBALQA9TQAEVG5GAmxZbl4GbFltTQByHjkOUzAEfVp0d15vRgF0Sy1V
Requested by
Host: equiremuke.co
URL: http://equiremuke.co/T2hGV0kuCiU6di5VJHE8PQR7cnsJTXQRLXxYdzQxOA4/OjB9WnF5KiMHMzMvPQcoI2chDTJyewlQFzp4FgkCHiEOAh8YDRsxAwcPGiQlASU9MDEzIg0RNR8RCyIXGTE7XQsgBD0tLQ55BwZyNBoMMhc2DHoNDyAEaloAARseBgctPRkpdAYEHykpBy0kGzUQD38YExMQKT8FJCwEDzYOAjcYY2ULBz4IcnsJKQI0GhgRchUGGlgHFQ8nWhEVLTgwHhYvGBExHQc3UQQNeHYHBDwTITB0PxMOBT4zLxkcMQ14dgcOZjo8P3QvBw45BB4oIwANMw8jEBIGCzYsBXouFjAvNCgfOTYNAjcEfwAnHVseOnAIKR4FAC4EITYCHj01FR96Bh4vPQEpDh4LAjkIDxN+USkTeCwABD0tDS51FS0AHwQWBR4pfwMYDi0QEHwIKSsvEy0EchArCQQyAxgNEQ49IgA9PBYMKT42Zy1+XTAFLglYFS54GU4sJCYhGHs4OgQZKCQzOx41
Protocol
HTTP/1.1
Server
2600:9000:2156:3000:12:fc33:3bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ba2754aff6e8a94e3eaaa03f0f30502982c5fe263dca8d7fceeef63284cb75ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://equiremuke.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
472
Via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
X-Amz-Cf-Id
0vz4HWv92c4HpSAKDKCdeecyYbCyHwaHNojUgzZzXlNL-ShQXEb7dg==
custom
ptauxofi.net/ Frame
0
0
Preflight
General
Full URL
https://ptauxofi.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://gestyy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 02 Dec 2021 08:03:55 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
ptauxofi.net/
39 B
320 B
Fetch
General
Full URL
https://ptauxofi.net/custom
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
321ec3f3c0ddadc9b21fcc2a1cbe5fd6
date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/
65 B
540 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=999c6673a83f4c3089e5271263d378ab&zoneId=4157053&checkDuplicate=true&ymid=&var=
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0886a203b4a8452136091091a4555fd6421c05c3e2fe74ccc9afed5b1637055
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://gestyy.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
defaultSkin.min.js
ptauxofi.net/pfe/current/
56 KB
19 KB
Fetch
General
Full URL
https://ptauxofi.net/pfe/current/defaultSkin.min.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 12:53:28 GMT
server
nginx
etag
W/"61979e48-df63"
content-type
application/javascript
access-control-allow-origin
http://gestyy.com
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame EC7B
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
ptauxofi.net/ Frame
0
0
Preflight
General
Full URL
https://ptauxofi.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://gestyy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 02 Dec 2021 08:03:55 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
ptauxofi.net/
39 B
321 B
Fetch
General
Full URL
https://ptauxofi.net/custom
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
2aaa4d0ebfeb224c07be7f5bd067bce4
date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
nr-1212.min.js
js-agent.newrelic.com/
34 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1212.min.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding
gzip
etag
"9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id
YXKSRKQXSAVQSE4H
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12828
x-amz-id-2
O4JKwZC9VFoJXBRd/NFCO0gPTS39j/XLNaWXaKgHazkl5CgZvT66crlfLN37ZUtrHbYn5R9QuA4=
x-served-by
cache-fra19161-FRA
last-modified
Thu, 04 Nov 2021 21:16:16 GMT
server
AmazonS3
x-timer
S1638432236.676488,VS0,VE0
date
Thu, 02 Dec 2021 08:03:55 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6141
afu.php
shorteh.com/ Frame 8334
Redirect Chain
  • http://ads.shorte.st/ads.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=539723&cp.dest_domain=download.wowdl.net&cp.oid=539723&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_s...
  • https://shorteh.com/afu.php?zoneid=1241630
6 KB
4 KB
Document
General
Full URL
https://shorteh.com/afu.php?zoneid=1241630
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2021-11-02.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
463d2194d71e637aeb688557de6e915540b6c10177c57b7eba183996ef6a0a13
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

server
nginx
date
Thu, 02 Dec 2021 08:03:55 GMT
content-type
text/html; charset=utf8
x-trace-id
c78bd213399aea05e46213dbcc28e4e9
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.40-0+deb8u13
Cache-Control
max-age=0, must-revalidate, no-store, private, s-maxage=0
Location
https://shorteh.com/afu.php?zoneid=1241630
X-Server-ID
shn06
X-UA-Compatible
IE=Edge
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQ5gqPTQJuWsU23wnbUddStlv6%2FU7qRY4L8LXO8sAKZhAnTWWZfMC7tQnaLY15SVjvE4HPI2tDE48VYXDI8R8XTlGWudQmN0j2hYVpETiC0dN3tPCzjZhzLMlJbt2bK70MsEd4l15jxmOEM%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b730aa0ff0c2488-FRA
custom
ptauxofi.net/
39 B
321 B
Fetch
General
Full URL
https://ptauxofi.net/custom
Requested by
Host: gestyy.com
URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
a4b87605db68a10a6a5834231f0d0fd7
date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
ptauxofi.net/ Frame
0
0
Preflight
General
Full URL
https://ptauxofi.net/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://gestyy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 02 Dec 2021 08:03:55 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
http://gestyy.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
28e0508023
bam-cell.nr-data.net/1/
49 B
715 B
Script
General
Full URL
https://bam-cell.nr-data.net/1/28e0508023?a=9451001&v=1212.e95d35c&to=NFRQZUVRChECVxINXA0ec1JDWQsMTEcOC0EXVEFFGVEAFAZGEg1ABlxXX0MeFwoMRhIBQBduR0NbHg0MF1EUF0cKRVtQW28UAwRR&rst=1224&ck=1&ref=http://gestyy.com/eopsRV&ap=99&be=186&fe=1190&dc=613&perf=%7B%22timing%22:%7B%22of%22:1638432234463,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22ce%22:12,%22rq%22:12,%22rp%22:164,%22rpe%22:178,%22dl%22:166,%22di%22:613,%22ds%22:613,%22de%22:614,%22dc%22:1190,%22l%22:1190,%22le%22:1194%7D,%22navigation%22:%7B%7D%7D&fp=241&fcp=241&at=GBNTEw1LGR8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6b730aa13e671f29-FRA
popunder.gif
connectedit.co/
35 B
927 B
Image
General
Full URL
http://connectedit.co/popunder.gif
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
35965
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
58
pragma
public
Last-Modified
Wed, 01 Dec 2021 22:04:30 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=om%2B7KOCy4%2B3q5SiipCkR%2FVqvyOAyKnGVNqCyyKdSmXBKSLHelxJIIX6wi8781h1T2AzzWtHxqtKI4f7bfY42JMcw0rRRhq%2Bvm0C3WDpLJTuo30Dd6FWBoBGU4WIdn1W9k2ou0IHnpQ52DC6jMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Accept-Ranges
bytes
CF-RAY
6b730aa15f7ed6cd-FRA
popunder.gif
connectedit.co/
35 B
925 B
Image
General
Full URL
http://connectedit.co/popunder.gif
Requested by
Host: d301cxwfymy227.cloudfront.net
URL: http://d301cxwfymy227.cloudfront.net/?fwxcd=925694
Protocol
HTTP/1.1
Server
2606:4700:3037::ac43:ad61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:55 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
35965
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
58
pragma
public
Last-Modified
Wed, 01 Dec 2021 22:04:30 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdVHpdjT%2B58ljJ8GxNNvWJpZdZfgDQaqPdlrKBUbRT%2BlOeGC5ARxSjbIE5lllTBHezdlhOBP1kwgSB54CRY1DwlCOQu7A%2F61ZSKHM94GB2NlDuVALFkJA7cma8nIBB9VXIY28zARvLPaMQKjjA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Accept-Ranges
bytes
CF-RAY
6b730aa1afc6d6cd-FRA
img.gif
my.rtmark.net/ Frame 8334
43 B
490 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=1e38f9d2f3ab4676b225d565e889a0eb
Requested by
Host: shorteh.com
URL: https://shorteh.com/afu.php?zoneid=1241630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://shorteh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:55 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
ourcoolstories.com/ Frame 8334
Redirect Chain
  • https://shorteh.com/?z=1241630&syncedCookie=true
  • https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
34 KB
10 KB
Document
General
Full URL
https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.181 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
1198768aaf3006a06b233f4bef7d98869a5b87202b4c3876938a24f61236a8a1

Request headers

Upgrade-Insecure-Requests
1
Origin
https://shorteh.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.24
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding
gzip

Redirect headers

server
nginx
date
Thu, 02 Dec 2021 08:03:55 GMT
content-length
0
location
https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
x-trace-id
841c496f80991bc858b1cfd59289a696
link
<https://ourcoolstories.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy
no-referrer
access-control-allow-origin
https://shorteh.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
strict-transport-security
max-age=1
x-content-type-options
nosniff
inapp.min.js
littlecdn.com/apps/templates/_assets/scripts/ Frame 8334
21 KB
7 KB
Script
General
Full URL
https://littlecdn.com/apps/templates/_assets/scripts/inapp.min.js
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ba3541ae765b293259fff16bf4599fb18295116b19d6b928e74d55f67b57a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
content-encoding
br
cf-cache-status
HIT
age
5473
last-modified
Tue, 30 Nov 2021 16:05:42 GMT
server
cloudflare
etag
W/"61a64bd6-54ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
6b730aa32e3018e5-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fv.js
propeller-tracking.com/ Frame 8334
5 KB
3 KB
Script
General
Full URL
https://propeller-tracking.com/fv.js?t=71022&cb=1697474202
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
43cf76eee9925a1336e3b1c8ecf8bf73
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.js
mc.yandex.ru/metrika/ Frame 8334
192 KB
66 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
63cce1521fcd97e195120a05274cd014773a4cb4ef37d4faa70c2bb8ecb9d999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
content-encoding
br
last-modified
Wed, 01 Dec 2021 15:22:37 GMT
etag
"61a7690d-10572"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66930
expires
Thu, 02 Dec 2021 09:03:56 GMT
micro.tag.min.js
yonhelioliskor.com/pfe/current/ Frame 8334
83 KB
30 KB
Script
General
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4662709&ymid=490182923086222258&var=1241630&sw=/sw-check-permissions/4662709
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0e068718b52a629da7626aa4f6f674bd197376475f04844178e276b88695c50c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:56 GMT
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 12:53:28 GMT
server
nginx
etag
W/"61979e48-14bc2"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame 8334
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
skin.html
ourcoolstories.com/templates/_assets/push-skin/ Frame F030
3 KB
1 KB
Document
General
Full URL
https://ourcoolstories.com/templates/_assets/push-skin/skin.html
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.181 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
87ff48a9cd88a4c7f8611fbbf68b4da09401553cad4f8f23ae71cf4aef0a4a08
Security Headers
Name Value
Strict-Transport-Security max-age=60
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Response headers

Server
nginx
Date
Thu, 02 Dec 2021 08:03:55 GMT
Content-Type
text/html
Last-Modified
Tue, 30 Nov 2021 16:05:42 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"61a64bd6-a84"
Strict-Transport-Security
max-age=60
X-Content-Type-Options
nosniff
Content-Encoding
gzip
/
ourcoolstories.com/ Frame 8334
2 B
485 B
XHR
General
Full URL
https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.181 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.24
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
skin.css
ourcoolstories.com/templates/_assets/push-skin/ Frame F030
23 KB
10 KB
Stylesheet
General
Full URL
https://ourcoolstories.com/templates/_assets/push-skin/skin.css
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/templates/_assets/push-skin/skin.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.181 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
078f8d637ba3c9b35da7e4392c083232c392aa968c6c4c3af030e7fb9d5d6d17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/templates/_assets/push-skin/skin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 16:05:42 GMT
Server
nginx
ETag
W/"61a64bd6-5cf1"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
skin.min.js
ourcoolstories.com/templates/_assets/push-skin/ Frame F030
27 KB
7 KB
Script
General
Full URL
https://ourcoolstories.com/templates/_assets/push-skin/skin.min.js
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/templates/_assets/push-skin/skin.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.181 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/templates/_assets/push-skin/skin.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 02 Dec 2021 08:03:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 16:05:42 GMT
Server
nginx
ETag
W/"61a64bd6-6d48"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
vctx
propeller-tracking.com/ Frame 8334
0
493 B
XHR
General
Full URL
https://propeller-tracking.com/vctx?t=71022
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1697474202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-trace-id
071b463cc2242ef659b1f372d3e42b3f
pragma
no-cache
date
Thu, 02 Dec 2021 08:03:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ourcoolstories.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
yonhelioliskor.com/ Frame 8334
0
253 B
Ping
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ourcoolstories.com&var=1241630&ymid=490182923086222258&var_3=&dsig=&action=prerequest
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4662709&ymid=490182923086222258&var=1241630&sw=/sw-check-permissions/4662709
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ourcoolstories.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
7d5192937fd6d44ea7cf0153e0a67b17
date
Thu, 02 Dec 2021 08:03:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-origin
https://ourcoolstories.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
vbl
propeller-tracking.com/ Frame 8334
0
493 B
Ping
General
Full URL
https://propeller-tracking.com/vbl?t=71022&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=71022&cb=1697474202
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ourcoolstories.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
0083e4f257ad7fb681b0b3650be639e2
pragma
no-cache
date
Thu, 02 Dec 2021 08:03:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://ourcoolstories.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
mc.yandex.com/watch/67238875/ Frame 8334
Redirect Chain
  • https://mc.yandex.com/watch/67238875?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%3D...
  • https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1244011827523%3Ahid%3A804324124%3Az%3A0%3Ai%3A20211202080356%3Aet%3A1638432236%3Ac%3A1%3Arn%3A711714282%3Arqn%3A1%3Au%3A163843223623045770%3Aw%3A1600x1107%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638432235860%3Ads%3A6%2C42%2C41%2C1%2C17%2C0%2C%2C28%2C1%2C%2C%2C%2C139%3Adsn%3A6%2C42%2C41%2C1%2C18%2C0%2C%2C32%2C0%2C%2C%2C%2C140%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638432236%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
54dad09ba42c34cd783f8c1ff2a1a07b035fb527d08f2fd8afbc29e2f1d15af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 02-Dec-2021 08:03:56 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ourcoolstories.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 02-Dec-2021 08:03:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Dec 2021 08:03:56 GMT
last-modified
Thu, 02-Dec-2021 08:03:56 GMT
location
/watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fourcoolstories.com%2F%3Fs%3D490182923086222258%26ssk%3D09571c4850c0a53eb055e32fc75f0b23%26svar%3D1638432235%26z%3D1241630%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aha6h9sd7uqizm2nl9b%3Afp%3A142%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A715%3Acn%3A1%3Adp%3A0%3Als%3A1244011827523%3Ahid%3A804324124%3Az%3A0%3Ai%3A20211202080356%3Aet%3A1638432236%3Ac%3A1%3Arn%3A711714282%3Arqn%3A1%3Au%3A163843223623045770%3Aw%3A1600x1107%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1638432235860%3Ads%3A6%2C42%2C41%2C1%2C17%2C0%2C%2C28%2C1%2C%2C%2C%2C139%3Adsn%3A6%2C42%2C41%2C1%2C18%2C0%2C%2C32%2C0%2C%2C%2C%2C140%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638432236%3At%3AZulassen%20dr%C3%BCcken&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ourcoolstories.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 02-Dec-2021 08:03:56 GMT
advert.gif
mc.yandex.com/metrika/ Frame 8334
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
last-modified
Wed, 01 Dec 2021 15:22:37 GMT
etag
"61a7690d-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 02 Dec 2021 09:03:56 GMT
/
incorphishor.com/4/4662728/ Frame 8334
995 B
2 KB
Document
General
Full URL
https://incorphishor.com/4/4662728/?var=1241630
Requested by
Host: ourcoolstories.com
URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
de138882fff03e72c02f7753be87fdc76db05f889e55f5b94d02a13b7c87fddd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ourcoolstories.com/

Response headers

server
nginx
date
Thu, 02 Dec 2021 08:03:56 GMT
content-type
text/html; charset=utf8
content-length
995
x-trace-id
cbe244ecc9b9d9cc714467ed0a7da928
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <http://google.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin
* *
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
timing-allow-origin
*
vb
propeller-tracking.com/ Frame 8334
0
0

img.gif
my.rtmark.net/ Frame 8334
43 B
506 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=b1be6ab1285d479cbf5af8ce7791c26d
Requested by
Host: incorphishor.com
URL: https://incorphishor.com/4/4662728/?var=1241630
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://incorphishor.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
www.google.com/ Frame 8334
Redirect Chain
  • http://google.com/
  • http://www.google.com/
  • https://www.google.com/?gws_rd=ssl
0
0
Document
General
Full URL
https://www.google.com/?gws_rd=ssl
Requested by
Host: incorphishor.com
URL: https://incorphishor.com/4/4662728/?var=1241630
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://incorphishor.com/4/3735488/?var=4662728&ab2r=0&prfrev=false

Response headers

date
Thu, 02 Dec 2021 08:03:56 GMT
expires
-1
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
51813
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Location
https://www.google.com/?gws_rd=ssl
Cache-Control
private
Content-Type
text/html; charset=UTF-8
BFCache-Opt-In
unload
Date
Thu, 02 Dec 2021 08:03:56 GMT
Server
gws
Content-Length
231
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.shorte.st
URL
http://analytics.shorte.st/displayed
Domain
propeller-tracking.com
URL
https://propeller-tracking.com/vb?t=71022&bid=undefined&aid=undefined&tp=786.3999996185303

Verdicts & Comments

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | 1
object | onbeforexrselect
function | reportError
boolean | originAgentCluster
object | scheduler
object | NREUM
object | newrelic
function | __nr_require
string | GoogleAnalyticsObject
function | ga
object | dataLayer
function | gtag
object | app
function | bindInfoButtons
function | showClickedInfo
object | bean
function | domready
function | reqwest
function | Fingerprint2
object | fuckAdBlock
function | t8b
function | e6QQ
boolean | DEBUG_MODE
boolean | ENABLE_LOGS
boolean | ENABLE_ONLINE_DEBUGGER
boolean | SUPPORT_IE8
boolean | MOBILE_VERSION
boolean | EXTERNAL_POLYFILL
boolean | SEND_PIXELS
boolean | IS_POP_COIN
boolean | PIXEL_LOG_LEVEL_INFO
boolean | PIXEL_LOG_LEVEL_DEBUG
boolean | PIXEL_LOG_LEVEL_WARNING
boolean | PIXEL_LOG_LEVEL_ERROR
boolean | PIXEL_LOG_LEVEL_METRICS
function | f8MM
number | LAST_CORRECT_EVENT_TIME
number | _3320949029
number | _2942449667
object | zfgformats
object | google_tag_manager
boolean | fanfilnfjkdsabfhjdsbfkljsvmjhdfb
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
object | sdk
number | iinf
boolean | installOnFly
boolean | zfgloadedpush
boolean | zfgloadedpushopt
boolean | zfgloadedpushcode
object | onClickExcludes

21 Cookies

Domain/Path Name / Value
gestyy.com/ Name: hl
Value: en
gestyy.com/ Name: cookies-enable
Value: 1
.gestyy.com/ Name: _ga
Value: GA1.2.474181581.1638432235
.gestyy.com/ Name: _gid
Value: GA1.2.1900101580.1638432235
.gestyy.com/ Name: _gat
Value: 1
my.rtmark.net/ Name: ID
Value: 999c6673a83f4c3089e5271263d378ab
shorteh.com/ Name: oaidts
Value: 1638432235
shorteh.com/ Name: OAID
Value: 999c6673a83f4c3089e5271263d378ab
shorteh.com/ Name: syncedCookie
Value: true
.nr-data.net/ Name: JSESSIONID
Value: de7969e5abd400ad
.ourcoolstories.com/ Name: _ym_uid
Value: 163843223623045770
.ourcoolstories.com/ Name: _ym_d
Value: 1638432236
.yandex.com/ Name: yandexuid
Value: 8833951641638432236
.yandex.com/ Name: yuidss
Value: 8833951641638432236
mc.yandex.com/ Name: yabs-sid
Value: 1020155751638432236
.yandex.com/ Name: i
Value: itAcYeqfoXM9deu8kWnP2Ie3FERzxMVxi6X0yK0KZm7x9id35b2fiqQnwjl1hHXZzSsCEEdDfNYCNq8PssaXa2dcRk8=
.yandex.com/ Name: ymex
Value: 1669968236.yrts.1638432236#1669968236.yrtsi.1638432236
.ourcoolstories.com/ Name: _ym_isad
Value: 2
.ourcoolstories.com/ Name: _ym_visorc
Value: b
incorphishor.com/ Name: OAID
Value: b1be6ab1285d479cbf5af8ce7791c26d
incorphishor.com/ Name: oaidts
Value: 1638432236

5 Console Messages

Source Level URL
Text
javascript error URL: http://gestyy.com/eopsRV?utm_source=&utm_medium=QL&utm_name=1
Message:
Access to XMLHttpRequest at 'http://analytics.shorte.st/displayed' from origin 'http://gestyy.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://analytics.shorte.st/displayed
Message:
Failed to load resource: net::ERR_FAILED
deprecation warning URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb(Line 47)
Message:
Permission for the Notification API may no longer be requested from a cross-origin iframe. You should consider requesting permission from a top-level frame or opening a new window instead. See https://www.chromestatus.com/feature/6451284559265792 for more details.
deprecation warning URL: https://ourcoolstories.com/?s=490182923086222258&ssk=09571c4850c0a53eb055e32fc75f0b23&svar=1638432235&z=1241630&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb(Line 47)
Message:
The Notification API may no longer be used from insecure origins. You should consider switching your application to a secure origin, such as HTTPS. See https://goo.gl/rStTGz for more details.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.google.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.shorte.st
analytics.shorte.st
bam-cell.nr-data.net
connectedit.co
d301cxwfymy227.cloudfront.net
equiremuke.co
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
gestyy.com
google.com
incorphishor.com
js-agent.newrelic.com
littlecdn.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
ourcoolstories.com
propeller-tracking.com
ptauxofi.net
shorteh.com
static.sh.st
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
yfetyg.com
yonhelioliskor.com
yqmxfz.com
analytics.shorte.st
propeller-tracking.com
13.32.121.11
139.45.195.8
139.45.197.181
139.45.197.238
139.45.197.239
139.45.197.240
139.45.197.250
139.45.197.251
151.101.66.137
162.247.243.147
2600:9000:2156:3000:12:fc33:3bc0:21
2606:4700:10::6816:1974
2606:4700:20::681a:56b
2606:4700:20::681a:7da
2606:4700:20::681a:99b
2606:4700:3030::ac43:dadd
2606:4700:3033::6815:155b
2606:4700:3037::ac43:ad61
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200d
2a00:1450:4001:811::200e
2a02:6b8::1:119
2a02:b4a:1:7::9273:1
2a03:2880:f12d:83:face:b00c:0:25de
078f8d637ba3c9b35da7e4392c083232c392aa968c6c4c3af030e7fb9d5d6d17
0e068718b52a629da7626aa4f6f674bd197376475f04844178e276b88695c50c
0f13250dac3eba96683a13d9c0c14c812448cc2f499a6ad6637a17adf094884d
1198768aaf3006a06b233f4bef7d98869a5b87202b4c3876938a24f61236a8a1
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
39c54f0919d2baea1c89172b3f0bbe2706744643826f319e933b9eb0223e78ac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463d2194d71e637aeb688557de6e915540b6c10177c57b7eba183996ef6a0a13
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53ba3541ae765b293259fff16bf4599fb18295116b19d6b928e74d55f67b57a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dad09ba42c34cd783f8c1ff2a1a07b035fb527d08f2fd8afbc29e2f1d15af7
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
57a9c6cd97e6b79a42cbcf962f90500d2a0e1ea9c1a56845ee402964b2af5e6d
63cce1521fcd97e195120a05274cd014773a4cb4ef37d4faa70c2bb8ecb9d999
6c2f5586dc8758e29d2994722ab3238d2e076441f44bd76cb082309067503238
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7feaaccec6c1dd4a6130d53515de689229ba0485c90278bacfc9d5a699cc4d12
80015d6f0abcc16f1dc20b62befd496a2d649447d498885a6dea4cf3ad30d751
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f
87ff48a9cd88a4c7f8611fbbf68b4da09401553cad4f8f23ae71cf4aef0a4a08
8c96e5c31caef7a69880681bfc5a73b423b39610767c463e3fbe444488b5dc38
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a957910dfed84ef772accf0a0ceb2e7a55a0de9faf7aa254079760973fbc5932
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b0886a203b4a8452136091091a4555fd6421c05c3e2fe74ccc9afed5b1637055
b636e7f8d2c6a9fc553d5b48af17c9d6a7f77b088ca722600badb6a5762345e8
b7c1b2700d7b5eaa2ff7fa0cbce701f1c23b65e45e880411a9940e8e9e32c92a
ba2754aff6e8a94e3eaaa03f0f30502982c5fe263dca8d7fceeef63284cb75ee
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
ce751c1a36f19a34d9116b17e472f75bd51357e4f835a5c8a1b36689f56c9099
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dd9445c957df98bf934db24def85c911957ce1adb3f3e3cc6e14fa3f7f63c50d
de138882fff03e72c02f7753be87fdc76db05f889e55f5b94d02a13b7c87fddd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
eea3222b97ee716a699e47886b2f4471a1257a3362007a874f6c53c87dd1200f
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881