support.powershelltech.com Open in urlscan Pro
15.204.232.110 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://support.powershelltech.com/
Submission: On August 26 via automatic, source certstream-suspicious (August 26th 2024, 11:59:04 am UTC) — Scanned from GB

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 46 HTTP transactions. The main IP is 15.204.232.110, located in Reston, United States and belongs to OVH, FR. The main domain is support.powershelltech.com.
TLS certificate: Issued by E6 on August 25th 2024. Valid for: 3 months.

This is the only time support.powershelltech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	15.204.232.110 15.204.232.110	16276 (OVH) (OVH)
1	47.89.219.37 47.89.219.37	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3032::ac43:abcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	35.158.70.220 35.158.70.220	16509 (AMAZON-02) (AMAZON-02)
9	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	45.133.44.9 45.133.44.9	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
46	15

12 15.204.232.110 (Reston, United States)

ASN16276 (OVH, FR)
PTR: vps-f89554e3.vps.ovh.us

support.powershelltech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.89.219.37 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

www.cutercounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:abcb (United States)

ASN13335 (CLOUDFLARENET, US)

data.ch3n.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:41d (United States)

ASN13335 (CLOUDFLARENET, US)

invidget.switchblade.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.70.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-70-220.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

executeabattoir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.9 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.cloudimagesb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	powershelltech.com support.powershelltech.com	97 KB
9	executeabattoir.com executeabattoir.com — Cisco Umbrella Rank: 213308	24 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 tpc.googlesyndication.com — Cisco Umbrella Rank: 203	194 KB
5	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 7493	177 KB
4	cloudimagesb.com cdn.cloudimagesb.com — Cisco Umbrella Rank: 13358	197 KB
2	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	19 KB
2	ch3n.cc data.ch3n.cc	2 KB
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 8770	308 B
1	gstatic.com fonts.gstatic.com	24 KB
1	switchblade.xyz invidget.switchblade.xyz
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	cutercounter.com www.cutercounter.com	817 B
46	12

	Domain	Requested by
12	support.powershelltech.com	support.powershelltech.com
9	executeabattoir.com	support.powershelltech.com
5	ka-f.fontawesome.com	support.powershelltech.com
5	pagead2.googlesyndication.com	support.powershelltech.com pagead2.googlesyndication.com
4	cdn.cloudimagesb.com
2	data.ch3n.cc	support.powershelltech.com data.ch3n.cc
1	tpc.googlesyndication.com	ep2.adtrafficquality.google
1	ep2.adtrafficquality.google	pagead2.googlesyndication.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	proftrafficcounter.com	support.powershelltech.com
1	fonts.gstatic.com	fonts.googleapis.com
1	invidget.switchblade.xyz	support.powershelltech.com
1	fonts.googleapis.com	support.powershelltech.com
1	www.cutercounter.com	support.powershelltech.com
46	14

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.cutercounter.com

Subject Issuer	Validity	Valid
support.powershelltech.com E6	`2024-08-25` - `2024-11-23`	3 months	crt.sh
cutercounter.com E5	`2024-06-28` - `2024-09-26`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ch3n.cc WE1	`2024-07-14` - `2024-10-12`	3 months	crt.sh
switchblade.xyz WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
executeabattoir.com R11	`2024-06-30` - `2024-09-28`	3 months	crt.sh
adtrafficquality.google WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdn.cloudimagesb.com R10	`2024-07-20` - `2024-10-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://support.powershelltech.com/
Frame ID: 8F8E1843691ED632974C4459753FE2DF
Requests: 41 HTTP requests in this frame

Frame: https://invidget.switchblade.xyz/vV7mkcPhMy?theme=dark
Frame ID: 97391C5643788F75C4C69FF06DF6B7CA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html
Frame ID: 5FCF307EE6E14648E0FFFD25BCCBAF3B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6700774525685317&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722999842&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsupport.powershelltech.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_7~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724673537139&bpp=3&bdt=919&idt=319&shv=r20240821&mjsv=m202408190201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5548775081317&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44798934%2C95332923%2C95333411%2C95334830%2C95338228%2C31086462%2C21065724&oid=2&pvsid=1781721758414579&tmod=429501322&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=356
Frame ID: A5CF2974ACBAECAA59D6040DF0C9525C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6700774525685317&output=html&h=280&slotname=5324022054&adk=1558636061&adf=854766408&pi=t.ma~as.5324022054&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1722999842&rafmt=1&format=1200x280&url=https%3A%2F%2Fsupport.powershelltech.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724673537142&bpp=2&bdt=921&idt=371&shv=r20240821&mjsv=m202408190201&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5548775081317&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44798934%2C95332923%2C95333411%2C95334830%2C95338228%2C31086462%2C21065724&oid=2&pvsid=1781721758414579&tmod=429501322&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=382
Frame ID: F8CD49A85725E9303127BE2F66A9E0E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17432C51B19FC3BDB84D1B4C48CA78F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dashboard

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

46
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

15
IPs

2
Countries

736 kB
Transfer

1223 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/spreadsheets/d/1j4pSMcTHv8APUjVet4D5vgvzP1AeRw-jOQLZW5FIvao/edit?usp=sharing
Title: Game request Status

Search URL Search Domain Scan URL

URL: https://www.cutercounter.com/hits.php?id=hxofkcx&nd=9&style=40

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
support.powershelltech.com/ 3 KB
2 KB 731ms
182ms Document
text/html 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 80be7a282bb6a703f7b839fded28a2c68dca8adf9d3ec530f1b8bb38460c375e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Aug 2024 11:58:56 GMT
ETag: W/"cea-1912acb24db"
Last-Modified: Wed, 07 Aug 2024 03:04:02 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: Express
X-Served-By: support.powershelltech.com

GET
H/1.1 200
OK font.js Show response
support.powershelltech.com/assets/js/ 11 KB
11 KB 108ms
106ms Script
application/javascript 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/js/font.js
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: c9a3d179bfed32846024ccba2747d360ea292c74ee721f1924feb2bc4d6844f0

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"2c3a-190b7280d83"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11322
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK randomSentence.js Show response
support.powershelltech.com/assets/js/ 743 B
1 KB 432ms
178ms Script
application/javascript 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/js/randomSentence.js?v=2
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: c3234cfbbb5246b4e59b0709eb239d0833d712fd4bc8f889d4697c7ca81f3d40

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"2e7-190b7280d83"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 743
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK index.css
support.powershelltech.com/assets/css/ 2 KB
3 KB 212ms
104ms Stylesheet
text/css 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/css/index.css
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: c1c567e3cc6aeb229ffff4bc6f1cbb4c39cb995f1a7404ba28b1a1760fb3bc24

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"8cd-190b7280d83"
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2253
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK style.css
support.powershelltech.com/assets/css/ 2 KB
2 KB 318ms
105ms Stylesheet
text/css 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/css/style.css
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: a86338081e5ba630b64ba27e36e0052908885e5af6adace25b468880e4d58c8d

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"722-190b7280d83"
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1826
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK nav.css
support.powershelltech.com/assets/css/ 1 KB
2 KB 349ms
99ms Stylesheet
text/css 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/css/nav.css?v=3
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 8fee3233781c1cef6ca718f2edc0a86a6064b0885cbcb1e29862e26ad49ff99d

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"593-190b7280d83"
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1427
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK script.js Show response
support.powershelltech.com/assets/js/ 3 KB
3 KB 434ms
179ms Script
application/javascript 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/js/script.js?v=10
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 75cd0f408875c6a05c8594694d6a674a40778823bcc96869e0ae9c159d3927ee

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"a25-1916156c15e"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2597
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK easteregg.min.js Show response
support.powershelltech.com/assets/js/ 442 B
830 B 101ms
101ms Script
application/javascript 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/js/easteregg.min.js
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 39d7c7ac65d9e4421322a5ab7e0cd2fcead337da3c66749c65aa7f4bab785dad

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"1ba-190b7280d83"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 442
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK hits.php
www.cutercounter.com/ 617 B
817 B 1200ms
165ms Image
image/gif 47.89.219.37
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cutercounter.com/hits.php?id=hxofkcx&nd=9&style=40
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 47.89.219.37 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache / PHP/7.0.33
Resource Hash: 1350e9b0ba21b4e5e71a49e7937bd399e2ce0db1cdf8249d4d728f5734633ffd

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 11:58:57 GMT
Server: Apache
Connection: Keep-Alive
X-Powered-By: PHP/7.0.33
Content-Length: 617
Keep-Alive: timeout=5, max=100
Content-Type: image/gif

GET
H/1.1 200
OK adsterra.js Show response
support.powershelltech.com/assets/js/ 36 KB
37 KB 179ms
179ms Script
application/javascript 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/js/adsterra.js
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 279a6ea5548a4547f02ae626de054d228e3b80cf01469e0060c110db3cc5489b

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:56 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"91ee-1912ab43ec5"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=45064
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37358
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 202ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6700774525685317

Requested by

Host: support.powershelltech.com
URL: https://support.powershelltech.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a81b760125f6c53f494018222a7f9c2b3909b2899f91e2812590e22815c04f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
Origin: https://support.powershelltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52078
x-xss-protection: 0
server: cafe
etag: 17662237949221087146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 26 Aug 2024 11:58:57 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 100 KB
23 KB 145ms
52ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=8e467ad554
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/font.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:56 GMT
content-encoding: gzip
via: 1.1 851879d53a84651e63e2408132976dfe.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOfGT5s79z0uf0pHYQeqmndgI4iYv%2FNheq8Q7WDapqFmvv%2BISpBJTG%2Fk4e6DdT%2FlitEbyMqDjL79KgcWQxGlC1qADw9hqywAvzEOCgLz98DukpaSWyrOx4c0goMUne%2BcGOW10yly625PR9skkba8%2BG4ahA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8b93a722cace4141-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Ckmvo4HaqJxOSZOxNX1qpDO_3n6GKzdyVNNOHIUt5q-C1E0oiOx_Bg==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 27 KB
5 KB 172ms
79ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=8e467ad554
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/font.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:56 GMT
content-encoding: gzip
via: 1.1 d9724ab1ffbd159e13ec0a9fda972d3e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u05r79LHqBDcUl84zOpCDMdnptwqvTeyfDkXfAFVUzdnmH2RIDGpMGmGt1E3fH8SKr1Ex1522XX2uVg64c98HBAFu2PvrpUtAHpdv%2B4cwqYoJ6UoLQ6dTo1gCylEo%2FtGQn3gCEW1%2FxRiORgO4OOI9nR2vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8b93a722cad24141-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Ot2WBys8NJMqDnoyib3U8tlYWYlNONCPG-R6rOuG7gYbDRcyzhCvMg==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 823 B
1000 B 172ms
79ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=8e467ad554
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/font.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:56 GMT
via: 1.1 02462ba58311d13c5134d2086aba8b32.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"dbf296002d53e56d340b105d9d764940"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juxvigEPYc%2Btdp1sluErBpowknox4I9QhJ3PJ6H5%2BCyJWLu9BM4nYNz213Pq76MJOl5oYeBc%2Bw0UFbXvgyBTaMTX9w%2FBrLDwOoPazf9LP%2FMm7ySujeVVL4vme3%2Fmyq7%2FAJBqLCsIECLGyr5MKgzGcm1Raw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8b93a722cad34141-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 7IGqGlFDvePzhTReTzcqgmx-clju5VL3j5BZeMB5C5VnOIH-sB7o1w==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.4.2/css/ 2 KB
1 KB 171ms
78ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=8e467ad554
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/font.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:56 GMT
content-encoding: gzip
via: 1.1 64fe15439df273f1f7429f1dfac4f792.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
server: cloudflare
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGzcfNHslhEbHCbBRe7z76%2FXyCy3lSUJCW1L4Qf2wSU9wRjKbP3hHDdcXG2WiXwO8ruRprYMwBAdhYL8%2B9PnRdl%2Fvu22hM6cd0B2Q13lvz6N2txV7RTVOgH7MEW9w78JN3npsbND78nVW87qyW4ti3VcQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8b93a722cad04141-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: q6a9RsXYKtUP4eXM527ufxogwghJLilb4P2VP7LZQyddwpYu_IW_qg==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 215ms
62ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter&display=swap

Requested by

Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/css/index.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e316368629d77dc310250a03185c68e58a2abe54c6517f04fd9fd258a4355257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Aug 2024 11:58:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Aug 2024 10:20:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Aug 2024 11:58:56 GMT

GET
H3 200 script.tagged-events.js Show response
data.ch3n.cc/js/ 3 KB
2 KB 155ms
41ms Script
application/javascript 2606:4700:3032::ac43:abcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.ch3n.cc/js/script.tagged-events.js

Requested by

Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/script.js?v=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:abcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c022ad0172c4e1509cdbcbd659b3842c0e0cd62cf201c1aa0a7cfd7cacb2b71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: data.ch3n.cc
last-modified: Mon, 26 Aug 2024 01:41:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgOZI%2FQFOdjNleemFFqqxfd7%2BhzfcifUv%2FuJ1nTvsw0NgJW1RIORg2wG4n5NdgFRP3YA%2FY%2BATgij8M9un%2Bw9aRaRBa6fgr0bBSsS5opW21CPAtX1ByBFqTUSgRZ5iSnsyOkHMPy0snKABf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=82105
cf-ray: 8b93a726488e9442-LHR
expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H/1.1 200
OK ads.json Show response
support.powershelltech.com/assets/json/ 114 B
505 B 109ms
108ms Fetch
application/json 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/json/ads.json
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/script.js?v=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 87d572ee363b8a7fa5de0bd76f1844d1e52ff54adfcac183120b37137e86fc58

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 11:58:56 GMT
Last-Modified: Wed, 07 Aug 2024 02:39:01 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"72-1912ab43ec6"
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114
X-Served-By: support.powershelltech.com

GET
H2 200 vV7mkcPhMy
invidget.switchblade.xyz/ Frame 9739 0
0 713ms
569ms Document
image/svg+xml 2606:4700:20::681a:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://invidget.switchblade.xyz/vV7mkcPhMy?theme=dark
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Referer: https://support.powershelltech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: max-age=14400
cf-cache-status: EXPIRED
cf-ray: 8b93a7267cbf76de-LHR
content-encoding: br
content-type: image/svg+xml; charset=utf-8
date: Mon, 26 Aug 2024 11:58:57 GMT
etag: W/"6726-br+T2vGTRlla2Bpba8AyG+Y/B6Q"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmWdYaPGgh7WCok1qZYgblnGgd6NgbU2nWkZ6C5GjRlrVsYf8fKOG5GF6hSLvmV6hewr2R0bp5BdBARs19p6cdJccXcHz4AajuDcMRD11pDyhBlm%2B6rKNpTfF9OhzGyZRQTfMQjGN8mN6wX3TDU4eXYBd%2BxyIA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express
x-served-by: invidget.switchblade.xyz

GET
H2 200 UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ 23 KB
24 KB 186ms
54ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://support.powershelltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:15:40 GMT
x-content-type-options: nosniff
age: 510197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23692
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:45:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:15:40 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.4.2/webfonts/ 147 KB
147 KB 56ms
55ms Font
font/woff2 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5

Request headers

Referer: https://support.powershelltech.com/
Origin: https://support.powershelltech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:56 GMT
via: 1.1 15daa09affbc43879e6c6220fe3ec1dc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 150020
last-modified: Tue, 01 Aug 2023 19:25:32 GMT
server: cloudflare
etag: "a8dcee416ebfe6e615e5902a49500e48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BW63yfExmG3nzU46%2BwGN7qpVCGpxA5u8x%2FQkB41j6MsTA%2Bwf3Tbw%2F9q15d%2FL2a9Z62oBkekJAIthJw%2FLhjB1kUEvif89HifMXpEWoCPWjH5UkvJxto9ImgEd4KNwQNw9ZBSoodqiJsMy%2F0IPwYHdHSul3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8b93a725bebc4141-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aMhE4nIY_UlJ9h5XKRG4uoq0ozHh0dhvkwkVGqIhrU-GOhlpzSBQZA==

POST
H3 202 event Show response
data.ch3n.cc/api/ 2 B
523 B 353ms
259ms XHR
text/plain 2606:4700:3032::ac43:abcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ch3n.cc/api/event
Requested by: Host: data.ch3n.cc
URL: https://data.ch3n.cc/js/script.tagged-events.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:abcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Aug 2024 11:58:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYx7DMGrLhKLlDgfJkPwK5szWYs6RSRpIucDQq9Un9QJgj5eaekOwP2OI%2F%2FJVO2WeCKfk0lc40fpgqgWBvSkXjE%2BZLpMXy5dIVOH0%2BwwIHtQvrtUWQUiqcn%2FNgl3NtvCU9IuVqcNaxgZz0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b93a72729a16323-LHR
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F-9FcccIczkkMUgCbM_h

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
308 B 223ms
63ms XHR
text/html 35.158.70.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/adsterra.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.70.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-70-220.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 66c0a42308dfaebf3623cad0be75bb06c49342f2aeba6cfdcdc25392ee101d23

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://support.powershelltech.com
date: Mon, 26 Aug 2024 11:58:57 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ntv.json Show response
executeabattoir.com/ 17 KB
18 KB 1430ms
333ms XHR
application/json 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://executeabattoir.com/ntv.json?key=d748553ce609adfb19cbe01dc3948c7b&vstc=4

Requested by

Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/adsterra.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

7c8123fc03d47ce50bc27ca79f0a91e32c2bbf1d1648372b9caae2f0b5bb2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Custom-Referer: https://support.powershelltech.com
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: application/json
Access-Control-Allow-Origin: https://support.powershelltech.com
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17204
X-Request-ID: 7600595c6c8edd24228cbf480724f45e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408190201/ 426 KB
143 KB 225ms
87ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408190201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6700774525685317&plah=support.powershelltech.com&bust=31086462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6700774525685317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c497f0c0f5e5ba7019b52771d35b6e2e8dab554c2ed0409083cf00d35036fb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146304
x-xss-protection: 0
server: cafe
etag: 7048890578235801213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 11:58:57 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240821/r20110914/ Frame 5FCF 0
0 173ms
38ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240821/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408190201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6700774525685317&plah=support.powershelltech.com&bust=31086462

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 17147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 07:13:10 GMT
etag: 5947459844715414650
expires: Mon, 09 Sep 2024 07:13:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame A5CF 0
0 184ms
71ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6700774525685317&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722999842&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsupport.powershelltech.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_7~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724673537139&bpp=3&bdt=919&idt=319&shv=r20240821&mjsv=m202408190201&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5548775081317&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44798934%2C95332923%2C95333411%2C95334830%2C95338228%2C31086462%2C21065724&oid=2&pvsid=1781721758414579&tmod=429501322&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=356

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 11:58:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame F8CD 0
0 143ms
56ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6700774525685317&output=html&h=280&slotname=5324022054&adk=1558636061&adf=854766408&pi=t.ma~as.5324022054&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1722999842&rafmt=1&format=1200x280&url=https%3A%2F%2Fsupport.powershelltech.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1724673537142&bpp=2&bdt=921&idt=371&shv=r20240821&mjsv=m202408190201&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5548775081317&frm=20&pv=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44798934%2C95332923%2C95333411%2C95334830%2C95338228%2C31086462%2C21065724&oid=2&pvsid=1781721758414579&tmod=429501322&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=382

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 11:58:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK quotes.json Show response
support.powershelltech.com/assets/json/ 2 KB
2 KB 100ms
100ms Fetch
application/json 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/assets/json/quotes.json
Requested by: Host: support.powershelltech.com
URL: https://support.powershelltech.com/assets/js/randomSentence.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 9a10fffaa31b91beb37d838595b2b577a89d7565e8739b9daab92c41bc57146d

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Mon, 26 Aug 2024 11:58:58 GMT
Last-Modified: Mon, 15 Jul 2024 16:09:33 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"827-190b7280d83"
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2087
X-Served-By: support.powershelltech.com

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 166ms
57ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20240821&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

158d6fdd99970f5ded84d8f8d9a6f735cbf6be1eb4cf4fc30e826768eb9affa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12886
x-xss-protection: 0

GET
H/1.1 200
OK canvas.ico
support.powershelltech.com/img/ 32 KB
33 KB 180ms
180ms Other
image/x-icon 15.204.232.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://support.powershelltech.com/img/canvas.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 15.204.232.110 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: vps-f89554e3.vps.ovh.us
Software: openresty / Express
Resource Hash: 46bf05e4101596386341b4c193ba9ef1ae1fb40dd26b87c10799e941d9425d2b

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-Served-By: support.powershelltech.com
Date: Mon, 26 Aug 2024 11:58:58 GMT
Server: openresty
X-Powered-By: Express
ETag: W/"80dc-190b7280d8b"
Content-Type: image/x-icon
Access-Control-Allow-Origin: *
Cache-Control: max-age=45062
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32988
Expires: Tue, 27 Aug 2024 00:30:00 GMT

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 210ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 11:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 26 Aug 2024 11:58:58 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1743 0
0 189ms
53ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.powershelltech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 16551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Aug 2024 07:23:07 GMT
expires: Tue, 26 Aug 2025 07:23:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1708427781.jpg
cdn.cloudimagesb.com/cti/50/bb/49/50bb4904274ce51b258c63445c8c2a7a/ 22 KB
22 KB 210ms
74ms Image
image/jpeg 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/50/bb/49/50bb4904274ce51b258c63445c8c2a7a/1708427781.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: a3ee91b5709a007d7f26b30f9481e89b2c4322bc8d22219f4903e51f5dafa7b1

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Aug 2024 11:58:58 GMT
last-modified: Tue, 20 Feb 2024 11:16:29 GMT
server: nginx/1.21.6
etag: "65d48a0d-58cb"
x-cdn-host-id: ds5950
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 22731
expires: Wed, 28 Aug 2024 11:58:58 GMT

GET
H2 200 b04258ef4b9f69924779b7a198d15a286a717b865fd13abdafca2e41625f05bc.png
cdn.cloudimagesb.com/si/ 134 KB
135 KB 194ms
58ms Image
image/png 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/si/b04258ef4b9f69924779b7a198d15a286a717b865fd13abdafca2e41625f05bc.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 71b577955176e41307be2f3174415b0a09c2c6e1cc710131d99828e7a89309d3

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Aug 2024 11:58:58 GMT
last-modified: Sat, 24 Aug 2024 22:36:12 GMT
server: nginx/1.21.6
etag: "66ca605c-219d8"
x-cdn-host-id: ds5950
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
content-length: 137688
expires: Wed, 28 Aug 2024 11:58:58 GMT

GET
H2 200 1708437393.jpg
cdn.cloudimagesb.com/cti/f2/23/22/f223227bdfd32ff774d0121f68d96cd9/ 22 KB
22 KB 209ms
74ms Image
image/jpeg 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/f2/23/22/f223227bdfd32ff774d0121f68d96cd9/1708437393.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: b040359a4b6c767702bc88b843dc9fcf4749c40ab7d26eb6130ffc820d92b1cb

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Aug 2024 11:58:58 GMT
last-modified: Tue, 20 Feb 2024 13:56:41 GMT
server: nginx/1.21.6
etag: "65d4af99-56f3"
x-cdn-host-id: ds5950
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 22259
expires: Wed, 28 Aug 2024 11:58:58 GMT

GET
H2 200 1708427971.jpg
cdn.cloudimagesb.com/cti/ec/c7/f1/ecc7f11637677063a1240cd8523f19b3/ 17 KB
18 KB 176ms
41ms Image
image/jpeg 45.133.44.9
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cloudimagesb.com/cti/ec/c7/f1/ecc7f11637677063a1240cd8523f19b3/1708427971.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: 01a908ab006d4f1a0915250051804e689793f253c60005d9e6f4581552c5008a

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 26 Aug 2024 11:58:58 GMT
last-modified: Tue, 20 Feb 2024 11:19:39 GMT
server: nginx/1.21.6
etag: "65d48acb-4537"
x-cdn-host-id: ds5950
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
content-length: 17719
expires: Wed, 28 Aug 2024 11:58:58 GMT

GET
H/1.1 200
OK ren.gif
executeabattoir.com/ 7 B
733 B 115ms
114ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSzY8bxRNt729%2FOYAQH%2BIGghGnBEXOzNi7toUQyiYkROsoXxsl4oJ6utvewj3do%2B4Zz2bFYUUCytEHhASn2ecky0cUwR%2BQCHm5oCCk%2BLaX%2FTtyRHZWGFGtVtWrfiVVveqvd4tDFqPgB%2Bqi3Sat%2BamVehgcvxlFHwRdMsVWsNVe%2FWy1eSI4nWVa3VDJOuWnVhqtemM1OL7%2BycbF7slA00AF55UY2BPBmU1nU3Uqitv1cHaCa7zHHR2VgLJHUadZbzXrcRTXozjElvtvxhc1eF6DHB6yN0By%2Bmrw2lcgMYFJfzmr%2FCC32cmP00Lz3DoM5d51MzC2NEgXYc%2FV0DN7R2xY%2F%2BzcE1hzfz4T7PAfYkJTtvRKF4l58KJ1JMNxFLeRaCiDRL6McjiB0hMQn0DY2yB5EULi%2FBpM%2Bui6oVzJYJ1MX9r0BYfPOFN27H83QeWUHbsTwqRP1hzl5DeDDaWVsGlaGBI8J2t8cLl7Blu9CrQ1AfUnyIp95Ns1ULkPkX8Jkn%2Bx4zfehUkfdK2R1oBkNVeEaALqTaDVCNzXUMwu1VD0llBkS0jlQRCKhmytJFysrkZh2BPhSqMlwrgVqV5ThEmEQswaHiHPRhB6BOF2kLkdDGgEV%2FwGv1nByxp8PmW1KzsYygqlYig9Q8kZSmIoc4ZyWN2X2se%2BeiC1L5LoyMdHvlGNbd7f5fdt3leGgbsRnKx2s0P2%2Bkyxmn7zMQbqIJCtZntlpSHUatjhspdEHZGoMJKi0Wm2RSuBpwrkl%2BYjb9OUfbhXR0ZT9ra6goTvw%2Bt9CKqBFxF4WYFvVtg2D%2FupT5UkXudZBmkrZPky8lu1XX3I3prvrEt3oMRTdmQQrkLmKnxOvzP09d3xVVuye1dt6dmvl7KcUtqe7%2FBaznN17Kd1dau0Tl4460c%2Fnhazh1n4cEP5vMuNJNP37Oc1klK5c9YJxR5f8DdUcrnwm2uFM0XWvXzm3IU0c8p7smYCTs8uPYegKfv%2F8%2Ffmn%2FX9bz8FuQlcUSEtFp2SnUBkO%2FDZIuctg9MLnGQ1lEU1dnGySGpi0GqBeVLB%2Fwsni3js%2BKyaU7Xr76LvlsHz2zBphaGrMNQVuB7BFy%2BN88w9%2FeiP72b2PRK9PE60W76XaKe%2FmYs8ZRvvfDFlXb03gz%2FA00EQtnhbNuIo6jRavBe2O4I34k7UbLdbImmKFnI%2F7f1plv4OAAD%2F%2F91gOrO1BAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: aae410a3accecdac7d6e175dda4dc1f8
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ren.gif
executeabattoir.com/ 7 B
733 B 223ms
107ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSz4scxRev2Sz5wlfEKLmIou0tgTDbPTO7M4NIyCYmhp1gfmxIblpdVTP73Oqqpqp7erN6WEyUHOfgRU%2B9n0my%2FghB%2F4AEmfUiEcG%2B7WXBk%2F%2BGzGRxxFcU731efR6893n15W5%2ByBrI%2BYG6YrdJa760XA%2BDU7ej6N2gRybfCrY6Kx%2BttE4H59JUq1sqXqNsabnZrjdXglNrH6xf6Z0JNG2q4JISm%2FZ0cH7D2UQtRY1OPZye4Abvc0dHJaD0SdRt1duteiNq1KNGiC3334zPa%2FC8Bjk8ZK%2BBZPVKcOILkJjAJD9eUH4zs%2BmZ95Nc88w6DOXeTbNpbGGQzMO%2Bq6Fv9o7YsP6Pi89gzcPZTLDDf4gxVWzh5R5i8%2BhF64iH46jRQayhDGL5EorhBEpPQHwCYe%2BC5BUIiUurMMmTm4YyJYM1MgNpkxccPuVU7Pix26CiYsfvhTDJs1VHGfmNYF1pJWyS5IYEz8gaH1ztncdWvwRtTUCDCdJ8H9l2DVTsQ2Sfg%2BTv7NStt2GSRz1rpDUgWc4UIZqA%2BhNoNQL3NeTTSzXk%2FQXk6QISeRCEoinbyzEXKytRGPZFuNxsi7DRjlS%2FJcI4Qi6mDY%2BQpSMIPYJwO0jdDjZpBJf%2FDL9RwssafFax2rUdDGWJQjEUnqHgDAUxFBlDMSwfSu0bvnwktc%2Fj6Mg3jnyzHNtssMsf2mygDAN3IzhZ7qaH7NWpYjV98ik21UEg263O8nJTqJWwy2U%2FjroiVmEkRbPb6oh2DE8lyC%2FMRt6mir23V0dKFXtTXUPM9%2BH1PgTVwPMIvCjBN0psm8eDxCdKEq%2FzNIW0JdJsEdmd2q4%2BZG%2FMdrb%2B1mdQ4vnZe9t%2FXnpy8lMIVyJ1JT6hXxgG%2Bv74ui3Yg%2Bu28OynD9OMEtqe7fBGxjN17Ps1daewTl6%2B4EffnRPTh2n4eF35rMeNJDPw7IdVklK5i9YJxZ5e9rdUfDX3G6u5M3nau3r%2B4uUkdcp7smYCThX73947EFSxE3%2B9PvuuS8HHIDeBy0sk%2BXN2ZCC7D5HuwKfznLcMTs9xnC6gyMuxa8TzpCYGreaYxyX8v3A8j8eOT6s5lbv%2BPgZuETy7C5OUGLoSQ12C6xF8%2Fv9xlrrnZ3%2F9emrfINaL41i7xQexdvqrivXo3kzrivX03hR%2BC08HQdjmHdlsRFG32eb9sNMVvNnoRq1Opy3ilmgj81X%2FN7PwdwAAAP%2F%2FHqVJorcEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: b1cd10e01d338af75b49760b3366d7e9
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ren.gif
executeabattoir.com/ 7 B
733 B 452ms
225ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSzY8bxRNtb1Y5%2FH7iU9xAMMcERc7M2Lu2hRDKJiRE6yhfGyU31NPd9hbb0z3qnvE4Kw4rElCOPnAATrPPSZaPKIILt0TIywUFIcUXtJf9OzgiOyuMqFar6lW%2Fkqpe9Re7xSGLUfADdcluk9b89Eo9DE7ciqL3gi6ZYhgM26sfrzZPBmeyTKubKlmn%2FPRKo1VvrAYn1j%2FauNQ9FWjaUsEFJbbsyeDsprOpOh3F7Xo4O8F13uOOjkpA2eOo06y3mvU4iutRHGLo%2FpvxRQ2e1yAHh%2Bx1kJy%2BErz6OUhMYNIfzym%2Fldvs1IdpoXluHQZy74bZMrY0SBdhz9XQM3tHbFj%2F%2FPxTWPNgPhPs4B9iQlO29FIXiXn4onUkg3EUt5FoKINE%2Fh%2FlYAKlJyA%2BgbB3QPIShMSFNZj08Q1DuZLBOpm%2BtOkLDp9xpuz4sVugcsqO3w1h0qdrjnLym8GG0krYNC0MCZ6TNT640j2LYa8CDSeg%2FgRZsY98uwYq9yHyz0DyD3bi5jsw6cOuNdIakKzmihBNQL0JtBqB%2BxqK2aUait4SimwJqTwIQtGQrZWEi9XVKAx7IlxptEQYtyLVa4owiVCIWcMj5NkIQo8g3A4yt4MtGsEVv8BvVvCyBp9PWe3qDgayQqkYSs9QcoaSGMqcoRxUD6T2sa8eSu2LJDry8ZFvVGOb93f5A5v3lWHgbgQnq93skL02U6ym33iCLXUQyFazvbLSEGo17HDZS6KOSFQYSdHoNNuilcBTBfJL85G3acre36sjoyl7S11Fwvfh9T4E1cCLCLyswDcrbJtH%2FdSnShKv8yyDtBWyfBn57dquPmRvznfW1XtQ4hk7MghXIXMVPqFfGfr63viaLdn9a7b07KfLWU4pbc93eD3nuTr%2B%2Fbq6XVonL57zo%2B%2FOiNnDLHy0oXze5UaS6Xv2wxpJqdx564RiTy76myq5UvjNtcKZIuteOXv%2BYpo55T1ZMwGn55f%2FgqApe%2FnPn%2Bef9d2vhiA3gSsqpMWiU7ITiGwHPlvkvGVweoGT7BjKohq7OFkkNTFotcA8qeD%2FhZNFPHZ8Vs2p2vX30HfL4PkdmLTCwFUY6Apcj%2BCL%2F43zzD374LevZ%2FYNEr08TrRbvp9op7%2Bcsi7dnbKNtz%2Bdyz2D38LTQRC2eFs24ijqNFq8F7Y7gjfiTtRst1siaYoWcj%2Ft%2FW6W%2Fg4AAP%2F%2F1Q6TcrUEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 6b3137c1b7efb46186bce12010475ec1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK ren.gif
executeabattoir.com/ 7 B
733 B 365ms
107ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSzYscxRuu2d%2F%2BclDED7wp2nhKJEy6e2Z3ZhCRbGJi2An52pDcpLqqZvZ1qquaqu7pzaKwmCg5zkEEPfU%2Bk2T9CEH%2FgASZ9SIRIXPby%2F4dOcpMFkd8i%2BL9qOeF533e%2Bnq3OGQxCn6gLtpt0pqfWqmHwfGbUfRB0CVTbAVb7dVPV5sngtNZptUNlaxTfmql0ao3VoPj659sXOyeDDQNVHBeiYE9EZzZdDZVp6K4XQ9nJ7jGe9zRUQsoexR1mvVWsx5HcT2KQ2y5%2F1Z8UYPnNcjhIXsDJKevBq99BRITmPSXs8oPcpud%2FDgtNM%2Btw1DuXTcDY0uDdBH2XA09s3eEhvXPzj2BNffnM8EO%2FwEmNGVLr3SRmAcvqCMZjqO4jURDGSTyZZTDCZSegPgEwt4GyYsQEufXYNJH1w3lSgbrZPrSpi8wfIaZsmP%2Fuwkqp%2BzYnRAmfbLmKCe%2FGWworYRN08KQ4DlZ44PL3TPY6lWgrQmoP0FW7CPfroHKfYj8S5D8ix2%2F8S5M%2BqBrjbQGJKu5IkQTUG8CrUbgvoZidqmGoreEIltCKg%2BCUDRkayXhYnU1CsOeCFcaLRHGrUj1miJMIhRiRniEPBtB6BGE20HmdjCgEVzxG%2FxmBS9r8PmU1a7sYCgrlIqh9AwlZyiJocwZymF1X2of%2B%2BqB1L5IoiMfH%2FlGNbZ5f5fft3lfGQbuRnCy2s0O2eszxWr6zccYqINAtprtlZWGUKthh8teEnVEosJIikan2RatBJ4qkF%2Baj7xNU%2FbhXh0ZTdnb6goSvg%2Bv9yGoBl5E4GUFvllh2zzspz5VknidZxmkrZDly8hv1Xb1IXtrvrMu%2FQAlnrIjg3AVMlfhM%2Fqdoa%2Fvjq%2Fakt27akvPfr2U5ZTS9nyH13Keq2M%2FratbpXXywlk%2F%2BvG0mD3MwocbyuddbiSZvmc%2Fr5GUyp2zTij2%2BIK%2FoZLLhd9cK5wpsu7lM%2BcupJlT3pM1E3B6duk5BE3Z%2F5%2B%2FN%2F%2Bs73%2F7BchN4IoKabFgSnYCke3AZ4uatwxOL%2FIkW0ZZVGMXJ4uiJgatFjlPKvh%2F5ckiHjs%2B6%2BZU7fq76Ltl8Pw2TFph6CoMdQWuR%2FDFS%2BM8c08%2F%2BuO7mX2PRC%2BPE%2B2W7yXa6W9mIt%2BZso13Pp%2Byrt57obmngyBs8bZsxFHUabR4L2x3BG%2FEnajZbrdE0hQt5H7a%2B9Ms%2FR0AAP%2F%2FDZb%2BuLUEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 6626311cc1fe5925874fb1828c2d6c67
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
executeabattoir.com/ 7 B
733 B 479ms
221ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSy4tcxReunt%2F8slDEB%2B4UvbhKJHTu7fcgIpnExDAd8pqQ4EbqVtXtOU7dqkvVvX0ng4vBRMmyFyLo6s7XScZHCPoHJEiPG4kI6d1s5u%2FIUroz2OIpinO%2BU9%2BBc75TX%2B8Wh6yBgh%2Boi3abtOan2vUwOH4zij4I%2BmSKrWCr1%2Fms0zoRnM4yrW6oeI3yU%2B1mt97sBMfXPlm%2F2D8ZaNpUwXklNu2J4MyGs6k6FTV69XB2gms84Y6OSkDZo2ilVe%2B26o2oUY8aIbbcfzO%2BqMHzGuTwkL0BktNXg9e%2BAokJTPrLWeU3c5ud%2FDgtNM%2Btw1DuXTebxpYG6SJMXA2J2Ttiw%2Fpn557AmvvzmWCH%2FxBjmrKlV%2FqIzYMXrSMejqNGD7GGMojlyyiHEyg9AfEJhL0NkhchJM6vwqSPrhvKlQzWyAykTV9w%2BIwzZcf%2BdxNUTtmxOyFM%2BmTVUU5%2BI1hXWgmbpoUhwXOyxgeX%2B2ewlVSgrQloMEFW7CPfroHKfYj8S5D8ix2%2F8S5M%2BqBvjbQGJKu5IkQTUDKBViNwX0Mxu1RDkSyhyJaQyoMgFE3ZbcdcdDpRGCYibDe7Imx0I5W0RBhHKMSs4RHybAShRxBuB5nbwSaN4Irf4DcqeFmDz6esdmUHQ1mhVAylZyg5Q0kMZc5QDqv7UvuGrx5I7Ys4OvKNI9%2BsxjYf7PL7Nh8ow8DdCE5Wu9khe32mWE2%2F%2BRib6iCQ3Vav3W4K1QlXuEziaEXEKoykaK60eqIbw1MF8kvzkbdpyj7cqyOjKXtbXUHM9%2BH1PgTVwIsIvKzANypsm4eD1KdKEq%2FzLIO0FbJ8Gfmt2q4%2BZG%2FNd9anO1DiKTsyCFchcxU%2Bp98ZBvru%2BKot2b2rtvTs10tZTiltz3d4Lee5OvbTmrpVWicvnPWjH0%2BL2cMsfLiufN7nRpIZePbzKkmp3DnrhGKPL%2FgbKr5c%2BI3Vwpki618%2Bc%2B5CmjnlPVkzAadnl55D0JT9%2F%2Fl788%2F6%2FrefgtwErqiQFotOyU4gsh34bJHzlsHpBY6zGsqiGrtGvEhqYtBqgXlcwf8Lx4t47PismlO16%2B9i4JbB89swaYWhqzDUFbgewRcvjfPMPf3oj%2B9m9j1ivTyOtVu%2BF2unv5mLPGXr73wxZX29N4M%2FwNNB0AwbsteTstNuc9lWSTtqrPAkER2VtJpJEiH30%2BRPs%2FR3AAAA%2F%2F%2BZVPpRtQQAAA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:59 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: ca54535697e892180fc97f6476f0f38c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
executeabattoir.com/ 7 B
733 B 492ms
233ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSzW8cxRPtdaz8pB9CBJQLAsFwS6RoPbPfFkJRnJAQeSPy4Si5QU93z7pwT%2Feoe2bHMRwsElCOe%2BACp%2FHbJOYjiuAPSITWXFAQEnvzxRIn%2Fg20GwsjqtWqetWvpKpX%2FeVOccAaKPi%2BumK3SGu%2B1K6HwanbUfRu0CdTbAabvc5Hndbp4FyWaXVLxauUL7Wb3XqzE5xa%2FWDtSv9MoGlDBZeU2LCng%2FPrzqZqKWr06uHsBDd4wh0dloCyJ9Fyq95t1RtRox41Qmy6%2F2Z8UYPnNcjhAXsNJKevBCe%2BAIkJTPrjBeU3cpudeT8tNM%2Btw1Du3jQbxpYG6VGYuBoSs3vIhvV%2FXHwGax7OZ4Id%2FkOMacoWXu4jNo9etI54OI4aPcQayiCWL6EcTqD0BMQnEPYuSF6BkLi0ApM%2BuWkoVzJYJTOQNn3B4TPOlB0%2FdhtUTtnxeyFM%2BmzFUU5%2BPVhTWgmbpoUhwXOyxgdX%2B%2BexmVSgzQloMEFW7CHfqoHKPYj8c5D8nZ269TZM%2BqhvjbQGJKu5IkQTUDKBViNwX0Mxu1RDkSygyBaQyv0gFE3ZbcdcdDpRGCYibDe7Imx0I5W0RBhHKMSs4RHybAShRxBuG5nbxgaN4Iqf4dcreFmDz6esdm0bQ1mhVAylZyg5Q0kMZc5QDquHUvuGrx5J7Ys4OvSNQ9%2BsxjYf7PCHNh8ow8DdCE5WO9kBe3WmWE2ffIoNtR%2FIbqvXbjeF6oTLXCZxtCxiFUZSNJdbPdGN4akC%2BYX5yFs0Ze%2Ft1pHRlL2priHme%2FB6D4Jq4EUEXlbg6xW2zONB6lMlidd5lkHaClm%2BiPxObUcfsDfmO1t76zMo8fzsva0%2FLz05%2BSmEq5C5Cp%2FQLwwDfX983ZbswXVbevbTh1lOKW3Nd3gj57k69v2qulNaJy9f8KPvzonZwyx8vKZ83udGkhl49sMKSancReuEYk8v%2B1sqvlr49ZXCmSLrXz1%2F8XKaOeU9WTMBpyn73%2B47EDRlJ%2F56ff5dl4KPQW4CV1RIi%2Bfs0EB2DyLbhs%2BOct4yOH2E42wBZVGNXSM%2BSmpi0OoI87iC%2FxeOj%2BKx47NqTtWOv4%2BBWwTP78KkFYauwlBX4HoEX%2Fx%2FnGfu%2Bdlfv57ZN4j14jjWbvFBrJ3%2Basr6dG%2Bu9ZT19e4MfgtP%2B0EzbMheT8pOu81lWyXtqLHMk0R0VNJqJkmE3E%2BT38zC3wEAAP%2F%2FWpGJQLcEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:59 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: ad6f224f646a988e71251a7aa441ac4c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
executeabattoir.com/ 7 B
733 B 410ms
248ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSy28cxRPudawcfj%2FxFDcQzDFB0WZm3xZCKE5IiLxRXo6SG%2Brp7lkX7ukedc%2FsOBYHiwSU4x44AKfxt0nMI4rgwi0RWnNBQUjZC%2FLFfwdHtBuLRVSrVfVVfyVVfdVf7BaHrIGCH6hLdpu05qfb9TA4cSuK3gv6ZIqtYKvX%2BbjTOhmcyTKtbqp4jfLT7Wa33uwEJ9Y%2BWr%2FUPxVo2lTBBSU27cng7IazqTodNXr1cHaC6zzhjo5KQNnjaKVV77bqjahRjxohttx%2FM76owfMa5PCQvQ6S01eCVz8HiQlM%2BuM55Tdzm536MC00z63DUO7dMJvGlgbpIkxcDYnZO2LD%2Bufnn8KaB%2FOZYIf%2FEGOasqWX%2BojNwxetIx6Oo0YPsYYyiOX%2FUQ4nUHoC4hMIewckL0FIXFiFSR%2FfMJQrGayRGUibvuDwGWfKjh%2B7BSqn7PjdECZ9uuooJ78RrCuthE3TwpDgOVnjgyv9s9hKKtDWBDSYICv2kW%2FXQOU%2BRP4ZSP7BTtx8ByZ92LdGWgOS1VwRogkomUCrEbivoZhdqqFIllBkS0jlQRCKpuy2Yy46nSgMExG2m10RNrqRSloijCMUYtbwCHk2gtAjCLeDzO1gk0ZwxS%2FwGxW8rMHnU1a7uoOhrFAqhtIzlJyhJIYyZyiH1QOpfcNXD6X2RRwd%2BcaRb1Zjmw92%2BQObD5Rh4G4EJ6vd7JC9NlOspt94gk11EMhuq9duN4XqhCtcJnG0ImIVRlI0V1o90Y3hqQL5pfnI2zRl7%2B%2FVkdGUvaWuIub78HofgmrgRQReVuAbFbbNo0HqUyWJ13mWQdoKWb6M%2FHZtVx%2ByN%2Bc76%2Bs9KPGMHRmEq5C5Cp%2FQrwwDfW98zZbs%2FjVbevbT5SynlLbnO7ye81wd%2F35N3S6tkxfP%2BdF3Z8TsYRY%2BWlc%2B73MjyQw8%2B2GVpFTuvHVCsScX%2FU0VXyn8xmrhTJH1r5w9fzHNnPKerJmA0%2FPLf0HQlL3858%2Fzz%2FruV1sgN4ErKqTFolOyE4hsBz5b5LxlcHqB4%2BwYyqIau0a8SGpi0GqBeVzB%2FwvHi3js%2BKyaU7Xr72HglsHzOzBphaGrMNQVuB7BF%2F8b55l79sFvX8%2FsG8R6eRxrt3w%2F1k5%2FOWV9ujtl629%2FOpd7Br%2BFp4OgGTZkrydlp93msq2SdtRY4UkiOippNZMkQu6nye9m6e8AAAD%2F%2F5E6U5C1BAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:59 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 0ce3d40a21f44fc64e42e75b087c2e64
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
executeabattoir.com/ 7 B
733 B 168ms
113ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://executeabattoir.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSzYscxRuu2d%2F%2BclDED7wp2nhKJEy653sRkWxiYtgJ%2BdqQ3KS6qnr2daurmqru6c2isJgoOc5BBD31PpNk%2FQhB%2F4AEmfUiESFz28v%2BHTnKTBZHfIvi%2Fajnhed93vp6tzhkDRT8QF2026Q1P9Wuh8Hxm1H0QdAnU2wFW73Op53WieB0lml1Q8VrlJ9qN7v1Zic4vvbJ%2BsX%2ByUDTpgrOK7FpTwRnNpxN1amo0auHsxNc4wl3dNQCyh5FK616t1VvRI161Aix5f5b8UUNntcgh4fsDZCcvhq89hVITGDSX84qv5nb7OTHaaF5bh2Gcu%2B62TS2NEgXYeJqSMzeERrWPzv3BNbcn88EO%2FwHGNOULb3SR2wevKCOeDiOGj3EGsogli%2BjHE6g9ATEJxD2NkhehJA4vwqTPrpuKFcyWCMzkDZ9geEzzJQd%2B99NUDllx%2B6EMOmTVUc5%2BY1gXWklbJoWhgTPyRofXO6fwVZSgbYmoMEEWbGPfLsGKvch8i9B8i92%2FMa7MOmDvjXSGpCs5ooQTUDJBFqNwH0NxexSDUWyhCJbQioPglA0Zbcdc9HpRGGYiLDd7Iqw0Y1U0hJhHKEQM8Ij5NkIQo8g3A4yt4NNGsEVv8FvVPCyBp9PWe3KDoayQqkYSs9QcoaSGMqcoRxW96X2DV89kNoXcXTkG0e%2BWY1tPtjl920%2BUIaBuxGcrHazQ%2Fb6TLGafvMxNtVBILutXrvdFKoTrnCZxNGKiFUYSdFcafVEN4anCuSX5iNv05R9uFdHRlP2trqCmO%2FD630IqoEXEXhZgW9U2DYPB6lPlSRe51kGaStk%2BTLyW7Vdfcjemu%2BsTz9AiafsyCBchcxV%2BIx%2BZxjou%2BOrtmT3rtrSs18vZTmltD3f4bWc5%2BrYT2vqVmmdvHDWj348LWYPs%2FDhuvJ5nxtJZuDZz6skpXLnrBOKPb7gb6j4cuE3Vgtniqx%2F%2Bcy5C2nmlPdkzQScnl16DkFT9v%2Fn780%2F6%2FvffgFyE7iiQlosmJKdQGQ78Nmi5i2D04s8zpZRFtXYNeJFURODVoucxxX8v%2FJ4EY8dn3Vzqnb9XQzcMnh%2BGyatMHQVhroC1yP44qVxnrmnH%2F3x3cy%2BR6yXx7F2y%2Fdi7fQ3M5HvTNn6O59PWV%2FvvdDc00HQDBuy15Oy025z2VZJO2qs8CQRHZW0mkkSIffT5E%2Bz9HcAAAD%2F%2F0miPlq1BAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Referer: https://support.powershelltech.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2024 11:58:58 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: f77f1bc465c3a4c9be372ee3727a632a
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240821&jk=1781721758414579&bg=!PzylPHPNAAag2_gngNs7ADQBe5WfOO2wOsAWwUsFUIvX0q-SnRZCQYdW9nfBZoRYlR5Q2VuDkUK9fExvdd_8GXj3LRxNAgAAAFRSAAAABWgBB34ANqF2l8FK1o_eeWy1XIS1MoKpF0IektjBKr-qqowmfIKsumpNF9-_d6f1hEwU26kVW2AcMM7X7QoAFRmYuZ6GLdEmFoZjNQru4b7l3ixJWZkC3WGXeGqdlx4RKiL9hg7m43qZe0q2yooLBZvmpVHIMLgOu0MyHXDrwB6-65WuxlW2T6Nj8IciFacrkPO_xeYcTYV7g3lwzwQ4b7XXtxHmu8_OefewgXLfJ2xYx46hYl-e_tj-JOHIYf9Y_syowcQT6s0b9KPEj_wPa-C8a8xiNurV1cL8O65urLsEU69dWiwbQS7JgUletX_exV946x_aSvjGS_IFD6cXuR7DfeGRV2cnBXy1EsjEkivNnhy0gAj_10zZiRRex5fj6e1XXmysnC78WZqaRif2riF-QyTRYKiyQuNZrd_t1Bp3ZTUKVhV6Vx-4oBq3S2YDZwIkfpktPm9-8AenEjHuUk9muYKoGxz4DiaZnTiKqavFWNKGNM-Q2CM-tbWow9iogjv63-8o5T6qicqQ-sJJ27kkVauxHEQD_qX_XtHAmCjnbJkpmdPIwp0xmoUtwk-wwbTYdSxX4A6y0WmKU3PyEodPtuhlRZ6wYGBfnQB1tSpNzIiuNWwK653gpZKDoyCUmS2n3si2w39AHfu0Hr_aNR-KjOK5HAKbhuGZf3oeXNc5nX1HFNTOadd-5mFaXNkz8fre4EL6I84GissnQqJTHaY_fK6ENjv5z_47xi6VbKh3sSRbtdX_N9y9vAze2NZHaIaIeABOCY2r9wIaMs0OuF3Z3TMFqoCV9eg-iTQSuy4jsBh_NyJkYIPO2L4R1oAeLddspPmdW1ONLn-6NVN_-nTBw5OWA_VK5epmqnOowsg2Ew6egm23HdhXgCutgkdINRr0oAFVeFb9Rn3EDR29jM0sm35xMs8K1NyMgZmoDmVt_81q2MI0QM-pl6z0-01Z9ZrgGQ8tNdaP2xSw64f3UMb_CEmtWcvy5xc7B_G1e0TwwWpKaxFEubO156d_NEZZmj8M8xXSK5ucR6OXrOKVr6Z7M_-o4l_a6pwxjUBEZSA_nZFYJ5why-M0XkABHDjwxOBswoI

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 08:40:33	Name: uid_id2 Value: 49c69470-f0b2-42f3-8264-1dcc2dee1703:3:1
support.powershelltech.com/	1970-01-20 23:14:38	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 49c69470-f0b2-42f3-8264-1dcc2dee1703%3A3%3A1
executeabattoir.com/	1970-01-20 23:05:59	Name: u_pl Value: 23860413
executeabattoir.com/	1970-01-20 23:05:59	Name: pdhtkv Value: true
executeabattoir.com/	1970-01-20 23:05:59	Name: uncs Value: 1
executeabattoir.com/	1970-01-20 23:05:59	Name: pdhtkv49 Value: true
executeabattoir.com/	1970-01-20 23:05:59	Name: uncs49 Value: 1
executeabattoir.com/	1970-01-20 23:04:33	Name: nlecd748553ce609adfb19cbe01dc3948c7b Value: [5512828]
support.powershelltech.com/	1970-01-20 23:04:33	Name: m5a4xojbcp2nx3gptmm633qal3gzmadn Value: executeabattoir.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cloudimagesb.com
data.ch3n.cc
ep1.adtrafficquality.google
ep2.adtrafficquality.google
executeabattoir.com
fonts.googleapis.com
fonts.gstatic.com
invidget.switchblade.xyz
ka-f.fontawesome.com
pagead2.googlesyndication.com
proftrafficcounter.com
support.powershelltech.com
tpc.googlesyndication.com
www.cutercounter.com
pagead2.googlesyndication.com
15.204.232.110
192.243.59.13
2606:4700:20::681a:41d
2606:4700:3030::ac43:8b77
2606:4700:3032::ac43:abcb
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:827::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
35.158.70.220
45.133.44.9
47.89.219.37
01a908ab006d4f1a0915250051804e689793f253c60005d9e6f4581552c5008a
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
1350e9b0ba21b4e5e71a49e7937bd399e2ce0db1cdf8249d4d728f5734633ffd
158d6fdd99970f5ded84d8f8d9a6f735cbf6be1eb4cf4fc30e826768eb9affa7
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279a6ea5548a4547f02ae626de054d228e3b80cf01469e0060c110db3cc5489b
39d7c7ac65d9e4421322a5ab7e0cd2fcead337da3c66749c65aa7f4bab785dad
46bf05e4101596386341b4c193ba9ef1ae1fb40dd26b87c10799e941d9425d2b
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66c0a42308dfaebf3623cad0be75bb06c49342f2aeba6cfdcdc25392ee101d23
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
71b577955176e41307be2f3174415b0a09c2c6e1cc710131d99828e7a89309d3
75cd0f408875c6a05c8594694d6a674a40778823bcc96869e0ae9c159d3927ee
7c8123fc03d47ce50bc27ca79f0a91e32c2bbf1d1648372b9caae2f0b5bb2c3e
80be7a282bb6a703f7b839fded28a2c68dca8adf9d3ec530f1b8bb38460c375e
87d572ee363b8a7fa5de0bd76f1844d1e52ff54adfcac183120b37137e86fc58
8a81b760125f6c53f494018222a7f9c2b3909b2899f91e2812590e22815c04f8
8fee3233781c1cef6ca718f2edc0a86a6064b0885cbcb1e29862e26ad49ff99d
9a10fffaa31b91beb37d838595b2b577a89d7565e8739b9daab92c41bc57146d
a3ee91b5709a007d7f26b30f9481e89b2c4322bc8d22219f4903e51f5dafa7b1
a86338081e5ba630b64ba27e36e0052908885e5af6adace25b468880e4d58c8d
b040359a4b6c767702bc88b843dc9fcf4749c40ab7d26eb6130ffc820d92b1cb
c022ad0172c4e1509cdbcbd659b3842c0e0cd62cf201c1aa0a7cfd7cacb2b71a
c1c567e3cc6aeb229ffff4bc6f1cbb4c39cb995f1a7404ba28b1a1760fb3bc24
c3234cfbbb5246b4e59b0709eb239d0833d712fd4bc8f889d4697c7ca81f3d40
c497f0c0f5e5ba7019b52771d35b6e2e8dab554c2ed0409083cf00d35036fb93
c9a3d179bfed32846024ccba2747d360ea292c74ee721f1924feb2bc4d6844f0
d3e9a900f61c6811de529e4227226b898ce88b65a66347d0088a2da3af5e60b5
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e316368629d77dc310250a03185c68e58a2abe54c6517f04fd9fd258a4355257
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

support.powershelltech.com Open in urlscan Pro 15.204.232.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

64 %IPv6

12 Domains

14 Subdomains

15 IPs

2 Countries

736 kBTransfer

1223 kBSize

9 Cookies

2 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

support.powershelltech.com Open in urlscan Pro
15.204.232.110 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

64 %
IPv6

12
Domains

14
Subdomains

15
IPs

2
Countries

736 kB
Transfer

1223 kB
Size

9
Cookies

46 HTTP transactions
0 data transactions