138.68.180.92 Open in urlscan Pro
138.68.180.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://138.68.180.92/dota3.tar.gz
Effective URL:
https://138.68.180.92/dota3.tar.gz
Submission: On November 14 via api (November 14th 2024, 7:36:00 am UTC) from RU — Scanned from GB

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 25 domains to perform 113 HTTP transactions. The main IP is 138.68.180.92, located in Slough, United Kingdom and belongs to . The main domain is 138.68.180.92.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 21st 2024. Valid for: a year.

This is the only time 138.68.180.92 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	138.68.180.92 138.68.180.92	() ()
1 2	2606:4700::68... 2606:4700::6811:f9cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.228.28 54.230.228.28	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bce4	() ()
1	2606:4700:440... 2606:4700:4400::ac40:9251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	104.75.90.86 104.75.90.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2600:9000:237... 2600:9000:237d:dc00:1e:b6b6:9ac0:93a1	() ()
3	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
4	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.53.43.59 23.53.43.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:80d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:b0c0:1:e... 2a03:b0c0:1:e0::2c8:7001	() ()
1	65.9.66.16 65.9.66.16	() ()
1	54.187.119.242 54.187.119.242	() ()
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	157.240.251.35 157.240.251.35	32934 (FACEBOOK) (FACEBOOK)
11	104.18.189.228 104.18.189.228	() ()
2	142.250.186.106 142.250.186.106	() ()
113	39

34 138.68.180.92 (Slough, United Kingdom)

ASN- ()

138.68.180.92	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f9cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-28.muc50.r.cloudfront.net

script.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bce4 (United States)

ASN- ()

leadbooster-chat.pipedrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9251 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.calendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.filestackapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.90.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-90-86.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:dc00:1e:b6b6:9ac0:93a1 (United States)

ASN- ()

cdn.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.43.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-59.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:80d8 (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:b0c0:1:e0::2c8:7001 (Slough, United Kingdom)

ASN- ()

v2.clickguardian.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.16 (United States)

ASN- ()
PTR: server-65-9-66-16.fra56.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.119.242 (Boardman, United States)

ASN- ()
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.189.228 (None, )

ASN- ()

leadbooster-chat.pipedrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.106 (None, )

ASN- ()

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pipedrive.com leadbooster-chat.pipedrive.com — Cisco Umbrella Rank: 127765	285 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	709 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55 maps.googleapis.com — Cisco Umbrella Rank: 502	237 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 td.doubleclick.net — Cisco Umbrella Rank: 231 stats.g.doubleclick.net — Cisco Umbrella Rank: 171	5 KB
6	google.com www.google.com — Cisco Umbrella Rank: 4 region1.analytics.google.com — Cisco Umbrella Rank: 3604	1 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 404 px4.ads.linkedin.com — Cisco Umbrella Rank: 6892	2 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	238 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 275	36 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4200	191 B
3	stripe.com checkout.stripe.com — Cisco Umbrella Rank: 22246 q.stripe.com — Cisco Umbrella Rank: 11857	22 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	217 B
2	clickguardian.app v2.clickguardian.app — Cisco Umbrella Rank: 140517	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	73 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 10310 prism.app-us1.com — Cisco Umbrella Rank: 10319	8 KB
2	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5903 api.livechatinc.com — Cisco Umbrella Rank: 5543	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	22 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3697	45 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 850	393 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1142	14 KB
1	firstpromoter.com cdn.firstpromoter.com — Cisco Umbrella Rank: 39037	2 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 5712
1	filestackapi.com static.filestackapi.com — Cisco Umbrella Rank: 27694	46 KB
1	calendly.com assets.calendly.com — Cisco Umbrella Rank: 16308	1 KB
1	tapfiliate.com script.tapfiliate.com — Cisco Umbrella Rank: 42993	4 KB
0	hs-scripts.com Failed js.hs-scripts.com Failed
113	25

	Domain	Requested by
12	leadbooster-chat.pipedrive.com	138.68.180.92 leadbooster-chat.pipedrive.com
9	www.googletagmanager.com	138.68.180.92 www.googletagmanager.com
5	www.google.com	138.68.180.92 www.googletagmanager.com www.gstatic.com
4	maps.googleapis.com	138.68.180.92 maps.googleapis.com
4	cdnjs.cloudflare.com	138.68.180.92 v2.clickguardian.app
3	www.google.co.uk	138.68.180.92
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	td.doubleclick.net	www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	138.68.180.92
2	www.facebook.com	138.68.180.92
2	v2.clickguardian.app	138.68.180.92 v2.clickguardian.app
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	138.68.180.92 connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	checkout.stripe.com	138.68.180.92 checkout.stripe.com
2	stackpath.bootstrapcdn.com	138.68.180.92
2	unpkg.com	1 redirects 138.68.180.92
1	api.livechatinc.com	cdn.livechatinc.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	px4.ads.linkedin.com	138.68.180.92
1	q.stripe.com	138.68.180.92
1	diffuser-cdn.app-us1.com	138.68.180.92
1	cdn.livechatinc.com	138.68.180.92
1	snap.licdn.com	138.68.180.92
1	www.gstatic.com	www.google.com
1	cdn.firstpromoter.com	138.68.180.92
1	s7.addthis.com	138.68.180.92
1	static.filestackapi.com	138.68.180.92
1	assets.calendly.com	138.68.180.92
1	script.tapfiliate.com	138.68.180.92
0	js.hs-scripts.com Failed	138.68.180.92
113	34

This site contains no links.

Subject Issuer	Validity	Valid
virtualnonexecs.com Go Daddy Secure Certificate Authority - G2	`2024-02-21` - `2025-03-24`	a year	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
backend.tapfiliate.com Amazon RSA 2048 M03	`2024-09-04` - `2025-10-04`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
pipedrive.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
calendly.com WE1	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.filestackapi.com R10	`2024-09-28` - `2024-12-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-09` - `2024-12-11`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
*.firstpromoter.com Amazon RSA 2048 M03	`2024-10-20` - `2025-11-17`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-23` - `2024-11-21`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
v2.clickguardian.app Sectigo RSA Domain Validation Secure Server CA	`2023-10-24` - `2024-11-23`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-11-11` - `2025-02-27`	4 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
prism.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google.co.uk WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://138.68.180.92/dota3.tar.gz
Frame ID: F13CA19874B1576089964EDABA83C9EF
Requests: 97 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10944529345?random=1731569745999&cv=11&fst=1731569745999&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 470F71BD6475A52B2B077598991B7C3A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/723917424?random=1731569746030&cv=11&fst=1731569746030&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067807~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 04460E65E710C8DAE7DF5A8DFF8853C1
Requests: 1 HTTP requests in this frame

Frame: https://checkout.stripe.com/v3/82u6Z5A5MLNC2LtLYKXrWQ.html?distinct_id=c3852810-3c2f-af2b-bfac-4c38e9ae855c
Frame ID: E3BA5DEAAA031067A0D59FAD44CE54AF
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F138.68.180.92
Frame ID: 0CD994B9503D55A47221A24142FC3254
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4SQ4LF65VB&gacid=159349648.1731569746&gtm=45je4bc0v9121303471za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102077855&z=341301171
Frame ID: B00D6001E4E89C1CDFD600E6DD72B91A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfxDLEUAAAAAN9yU--N_4-0QlEQWGP1c1oMwa3w&co=aHR0cHM6Ly8xMzguNjguMTgwLjkyOjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=u71d28r9aaz6
Frame ID: AC0D96F2B1B69CAD611E1ECB48B6222F
Requests: 1 HTTP requests in this frame

Frame: https://leadbooster-chat.pipedrive.com/assets/main.js?version=a9522a5_11820056070
Frame ID: 165653764F4A617EC004F7E87B716BD9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VirtualNonExecs - TAKE YOUR NON-EXEC CAREER FURTHER

Page URL History Show full URLs

http://138.68.180.92/dota3.tar.gz HTTP 307
https://138.68.180.92/dota3.tar.gz Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

113
Requests

67 %
HTTPS

42 %
IPv6

25
Domains

34
Subdomains

39
IPs

5
Countries

2658 kB
Transfer

9677 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://138.68.180.92/dota3.tar.gz HTTP 307
https://138.68.180.92/dota3.tar.gz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.com/tailwindcss@%5E2/dist/tailwind.min.css HTTP 302
https://unpkg.com/tailwindcss@2.2.19/dist/tailwind.min.css

Request Chain 80

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&e_ipv6=AQLkYCfLkkaWDAAAAZMpmYKV_sNAfBbDOF1H23CkhDREOQOG_b8KMe1UfOioYFaUs8duK9Q

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request dota3.tar.gz Show response
138.68.180.92/
Redirect Chain

http://138.68.180.92/dota3.tar.gz
https://138.68.180.92/dota3.tar.gz

79 KB
20 KB

138ms
79ms

Document
text/html

138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 91be5bf99536ef0317a3845a6282f70c8176b52294c433a6d902411ef5047248

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Nov 2024 07:35:45 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

Location: https://138.68.180.92/dota3.tar.gz
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

tailwind.min.css
unpkg.com/tailwindcss@2.2.19/dist/
Redirect Chain

https://unpkg.com/tailwindcss@%5E2/dist/tailwind.min.css
https://unpkg.com/tailwindcss@2.2.19/dist/tailwind.min.css

3 MB
393 KB

37ms
37ms

Stylesheet
text/css

2606:4700::6811:f9cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tailwindcss@2.2.19/dist/tailwind.min.css

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Server

2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ"
age: 614922
x-content-type-options: nosniff
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JC2F51NS1J58RS98ZWWM33GW-lhr
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e25539cbf0688b5-LHR
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /tailwindcss@2.2.19/dist/tailwind.min.css
content-encoding: br
cf-cache-status: HIT
age: 158
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e25539c6ecb88b5-LHR
access-control-allow-origin: *
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JCMSE3JEG1TAZXGY3BCZH6KM-lhr
server: cloudflare

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
28 KB 104ms
66ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: MISS
etag: W/"7cc40c199d128af6b01e74a28c5900b0"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:50:34
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: dd0d84b258fcc12bdd399556eb1c3726
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e25539c3e9793f8-LHR
access-control-allow-origin: *
cdn-edgestorageid: 874
server: cloudflare
cdn-requestcountrycode: DE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
80 KB 144ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143439240-1

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93a27ec1146fd276bd0aad6e767f1c069d820b5606cbac8ae3ba69f54608b3b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81305
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK jquery.js Show response
138.68.180.92/js/homepage/ 276 KB
80 KB 41ms
37ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/homepage/jquery.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8a051cd343d7193d5804bd7f29fed0632f5f3e52ea64a7041ab0aa0f3dc41432

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "44e03-60816bc23b0d8-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 19 Oct 2023 19:26:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 24 KB
7 KB 86ms
48ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec2-5f30"
age: 44969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTZ9sTXKZT09env%2F7O8mReGG6HRe8jXhCaa1vkgbPCbgXGtB%2B9WwbeSXCrkwUXqtcfTsPmYJSylocZOeO1VO63MHdkDJDkhD2ASkXdZQdxTuVcWKkf2JXtR9MoFDEcXN3Sf8wRF5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 07:35:45 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e25539c4cea6550-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6955
server: cloudflare

GET
H/1.1 200
OK aos.js Show response
138.68.180.92/js/homepage/ 18 KB
6 KB 73ms
24ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/homepage/aos.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65fb32d698f81db6f5404785a68784bf138a02787c400552a3628471c1f2c301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "48ce-60816bc23b0d8-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5533
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Thu, 19 Oct 2023 19:26:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK custom.js Show response
138.68.180.92/js/homepage/ 25 KB
4 KB 72ms
23ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/homepage/custom.js?cachefix=1
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e43acd851ecab7af83dc0e2d72eb34bfecf8016239bdcb9f89da6c817ed35531

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "637f-61ce57042e51d-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3500
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 10 Jul 2024 14:26:56 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 tapfiliate.js Show response
script.tapfiliate.com/ 12 KB
4 KB 143ms
46ms Script
application/javascript 54.230.228.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.tapfiliate.com/tapfiliate.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1dfa83a1b50579ad4ecf77af193b842488d0c7d9baaed86c82b7bc6ed2b0edc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

x-amz-cf-pop: MUC50-P5
content-encoding: gzip
etag: W/"98d84239c39bec9e67b3abaf76a6e500"
age: 18957
via: 1.1 00fe48bc72383ac135425bf0b3409486.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: jtzAcYWAgrRN6YPcwQoskaXv8yV13fmxpWJAz4JWK3QqT1vhmUg86w==
date: Thu, 14 Nov 2024 06:42:43 GMT
content-type: application/javascript
vary: accept-encoding, Origin
server: AmazonS3
last-modified: Thu, 03 Oct 2024 07:12:49 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
92 KB 206ms
126ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10944529345

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a12aa3130137548d71f7e0c6c2ebe34cee37479220a9f28fec66dd7e3815928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94335
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
881 B 128ms
47ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;800&display=swap

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cef1db766189a35903b34a927afed955b46ea9eff2cbd2eb08a1d7539e65b89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 07:35:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/css/ 15 KB
2 KB 101ms
65ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/css/select2.min.css

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fcb-3b4c"
age: 185450
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNrgYTL7%2FXyPS9Gic6cfA%2B%2BF5y71DFdnDq%2BFNH2UhsaCAKZifgEzYM44d7Ttm8%2BbXsVWIz%2FgdPpidswA%2Bq8hCru36PcmjuZFYE2D36LAvU4W5Yr2KZV5E6i3huIj7QH0Vv%2BqN0%2Bh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 07:35:45 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e25539c4ce76550-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1641
server: cloudflare

GET
H/1.1 200
OK datepicker.css
138.68.180.92/stylesheets/ 16 KB
2 KB 69ms
23ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/stylesheets/datepicker.css
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8ceec3ddf22c02afa307c5eddcd239bc17f7938b6fb47c33a7c2122d01b85165

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "4044-5d219fcfa1d69-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2223
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK screen.css
138.68.180.92/stylesheets/ 310 KB
32 KB 98ms
51ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/stylesheets/screen.css
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5dff4ea3d2cfe3a8bd35c4a70ca732db605b9ea1438d63fa5a6c9bee57beb1d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "4d72e-5d484fa485a58-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32880
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Sat, 01 Jan 2022 13:08:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 219ms
149ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723917424

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a68c0f6f8c3c9092486e0c8d3560c82b816dd51e42ca68bba9ddf30f06b40cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90244
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
990 B 122ms
53ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

ESF /

Resource Hash

99ee0d0d184a21926f941bafc1808f3e6465bfd681b2e22ef9465c6840857ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 14 Nov 2024 07:35:45 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 loader.js Show response
leadbooster-chat.pipedrive.com/assets/ 32 KB
14 KB 177ms
114ms Script
application/javascript 2606:4700::6812:bce4

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/assets/loader.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bce4 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

cb368b8f207b2c6f042e5b7b9ff88ffcb299035fece18c2f2a5ef04bd10eac69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
content-encoding: gzip
cf-cache-status: MISS
x-correlation-id: 00aac6f4-a649-476a-82e7-46c628359f4e
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 12:28:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: public, max-age=0
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e25539edd6a491c-LHR
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block
origin-agent-cluster: ?1
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-cnz5m;
server: cloudflare

GET
H/1.1 200
OK showNav.svg
138.68.180.92/images/ 1 KB
1 KB 72ms
23ms Image
image/svg+xml 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/showNav.svg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e1e00b8922063f30abea75ef026a36c9ce92752992dd1583af0342a6f460b186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "457-5d219fcf579e1"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1111
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK aos.css
138.68.180.92/css/homepage/ 49 KB
4 KB 25ms
24ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/css/homepage/aos.css
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fef4d16009dd3157897c77a8a193e6c6b6d9f28ff7ea85cdc887a3d5dc78cf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "c5e0-60816bc221a97-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3521
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK slick.css
138.68.180.92/css/homepage/ 2 KB
880 B 24ms
23ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/css/homepage/slick.css
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "767-60816bc221a97-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 577
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK style.css
138.68.180.92/css/homepage/ 69 KB
10 KB 26ms
26ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/css/homepage/style.css?cachefix=1720621616
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9b4ef69043190128f5b7bbdd7fb5b312c3adf115a198a2a02cc37596dc3b185e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "11471-614844fade3f1-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9927
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Mon, 25 Mar 2024 23:12:45 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK responsive.css
138.68.180.92/css/homepage/ 31 KB
4 KB 24ms
24ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/css/homepage/responsive.css?cachefix=1720621616
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f637fb2c8c92787b9df28efbc50f590a3876195c593e8aed7b2cd56456a53ea2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "7b65-60c4dffbf6cb9-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3618
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Tue, 12 Dec 2023 11:03:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 widget.css
assets.calendly.com/assets/external/ 3 KB
1 KB 221ms
153ms Stylesheet
text/css 2606:4700:4400::ac40:9251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.calendly.com/assets/external/widget.css

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9251 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a3195b22bc399b5e8e5ec8f9f9efe01669a314d20b1016ee65d32baadf079bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"37862f74b0570347dff098154957ac17"
age: 232
x-content-type-options: nosniff
cf-ray: 8e25539d3ebe6533-LHR
expires: Fri, 15 Nov 2024 07:35:45 GMT
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css
last-modified: Mon, 11 Nov 2024 22:29:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK app.css
138.68.180.92/css/ 98 KB
18 KB 47ms
47ms Stylesheet
text/css 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/css/app.css?id=1c54ead59b52e7d1835d
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddf4a721040f8bbf2a8364342b6f0d2c8f747122108ce7f71ff27a5835fe1aae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "18760-626cca93dd152-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18146
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: text/css
Last-Modified: Wed, 13 Nov 2024 15:05:14 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK close.svg
138.68.180.92/images/ 957 B
1 KB 23ms
22ms Image
image/svg+xml 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/close.svg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 176d3cc5acf97cbf61f221ac467577b10fdd75567a7c98f05f47743bf76c5970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "3bd-5d219fcf2e99d"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 957
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK ico_student.svg
138.68.180.92/images/ 7 KB
8 KB 24ms
24ms Image
image/svg+xml 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/ico_student.svg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a4b29d1eb8f2dad15b9915f39a913ed02bb12f36474053fffa7f183afb71dd8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "1dbd-5d219fcf431bf"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7613
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK ico_man.svg
138.68.180.92/images/ 6 KB
6 KB 24ms
24ms Image
image/svg+xml 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/ico_man.svg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c630aa0b5599b658486ab0b7af79e01cea0845409e65da7bb8696e2699944552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "18ec-5d219fcf431bf"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6380
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK bigTick.svg
138.68.180.92/images/ 891 B
1 KB 26ms
26ms Image
image/svg+xml 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/bigTick.svg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: abd3e93477d8e243fc4e3512a95e57833027194c525f90305efcf7add4885ea9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "37b-5d219fcf28bdc"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 891
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK logo.webp
138.68.180.92/images/homepage/ 8 KB
8 KB 24ms
24ms Image
image/webp 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/homepage/logo.webp
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 34e8d4f4b1913602498507ec7ad221545ac4a3710cba485cae0c3775f81977cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Accept-Ranges: bytes
Content-Length: 7832
Date: Thu, 14 Nov 2024 07:35:45 GMT
ETag: "1e98-60816bc231497"
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H/1.1 200
OK footer-logo.webp
138.68.180.92/images/homepage/ 6 KB
6 KB 32ms
32ms Image
image/webp 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/homepage/footer-logo.webp
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a226dd3f668fe50a3af881c710b4fb9f1f5bda4a4b3a58ad243dcf4b427b5ebe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Accept-Ranges: bytes
Content-Length: 5794
Date: Thu, 14 Nov 2024 07:35:45 GMT
ETag: "16a2-60816bc231497"
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H/1.1 200
OK icsa-img.webp
138.68.180.92/images/homepage/ 4 KB
5 KB 31ms
31ms Image
image/webp 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/homepage/icsa-img.webp
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bd49024ca65f46df8a20fc625c35498b1d8f2de66acc6a7e2020e559f57d54f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Accept-Ranges: bytes
Content-Length: 4536
Date: Thu, 14 Nov 2024 07:35:45 GMT
ETag: "11b8-60816bc231497"
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H/1.1 200
OK jquery.js Show response
138.68.180.92/js/Old/ 85 KB
30 KB 29ms
28ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/jquery.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "1538e-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30305
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK slick.js Show response
138.68.180.92/js/Old/ 87 KB
15 KB 34ms
32ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/slick.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "15b7b-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15071
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK anime.js Show response
138.68.180.92/js/Old/ 17 KB
7 KB 33ms
29ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/anime.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "431b-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7098
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK inview.js Show response
138.68.180.92/js/Old/ 1 KB
1 KB 32ms
29ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/inview.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "59d-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 765
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK smoothstate.js Show response
138.68.180.92/js/Old/ 7 KB
3 KB 30ms
27ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/smoothstate.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7fdc101978dcecc1d6b81431a79491cfd1ed4a7c7582bbbf3f5252cb7020a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "1be2-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2930
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK datepicker.js Show response
138.68.180.92/js/Old/ 33 KB
10 KB 33ms
30ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/datepicker.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "839d-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10076
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H3 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js/ 67 KB
16 KB 42ms
38ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js/select2.min.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03fcb-10b24"
age: 51584
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yDtmYq0c6QO40HdUX6sWpygktApaYTOG%2Fq8dB9cIkYyL6gGVa1v7ZlBhIgjLpVujVKnwfDAs3sQBCJBUjqXeco%2F8J2ZFQnJrP%2Fc134oXpcNPYQvu9vbqqrrmpjZ7r%2BR19FFAkr1t"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 07:35:45 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:16:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e25539e1f6d6550-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16145
server: cloudflare

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 384 KB
120 KB 160ms
79ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBSWNb9QbbUAgtqCf3nCRbGTS-wG1SV0KI&libraries=places

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

52bd1b3908d6ccb0f8639118d78a40fb242826a56e87f0563105f86df6133aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: gzip
etag: 610ba1eb
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122972
date: Thu, 14 Nov 2024 07:35:45 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 filestack.min.js Show response
static.filestackapi.com/filestack-js/2.x.x/ 156 KB
46 KB 95ms
23ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filestackapi.com/filestack-js/2.x.x/filestack.min.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33c1395b40663c2b0ebfbfd6729617cb93333e7539d07decf54bf8b1337f0510

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
etag: "bba31b371201037befbd26b6fed2ce0f"
age: 32670
x-cache: HIT
date: Thu, 14 Nov 2024 07:35:45 GMT
last-modified: Mon, 06 May 2019 08:36:43 GMT
vary: Accept-Encoding
x-served-by: cache-lhr-egll1980096-LHR
content-type: application/javascript
x-amz-id-2: SYDK+wgUGVPWig+r1gaVeiJdZ/zUeJdcsEltaxbzqAZk59q1yNpqsrmquRPQrwO+72ntRLs092ZGnyhz62HIvnxjvmA9vI1E7dsoVUF7E+8=
x-cache-hits: 0
x-timer: S1731569746.684954,VS0,VE1
via: 1.1 varnish
x-amz-request-id: 8KP2MGGKHS31R82K
accept-ranges: bytes
access-control-allow-origin: *
content-length: 46627

GET
H/1.1 500
Internal Server Error addthis_widget.js
s7.addthis.com/js/300/ 0
0 178ms
46ms Script
text/html 104.75.90.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s7.addthis.com/js/300/addthis_widget.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.90.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-90-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 14 Nov 2024 07:35:45 GMT
Content-Length: 27
Date: Thu, 14 Nov 2024 07:35:45 GMT
AK-GRN: 0.926656b8.1731569745.6350ab4
Content-Type: text/html

GET
H/1.1 200
OK app.js Show response
138.68.180.92/js/Old/ 39 KB
6 KB 25ms
25ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/app.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8fdd95ae4f3e6ffb22108c9e0daf1164ae681f3c61da873283c488d997f8b1ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "9de4-60a96130e3a80-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6182
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 20 Nov 2023 14:12:21 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 checkout.js Show response
checkout.stripe.com/ 88 KB
22 KB 92ms
26ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

18c6f9fae85d6c3ce7c19f694a86603df2cadb3807e52b4db404e0cbe83a4170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

x-request-id: 6f5d55e2-e637-4e4f-af17-5913e4ffdb83
content-encoding: br
etag: "da09b58e42e67727627772fedab68831"
age: 39
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Thu, 14 Nov 2024 07:35:45 GMT
last-modified: Wed, 16 Oct 2024 19:28:11 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-lcy-eglc8600061-LCY
x-cache-hits: 1
vary: Accept-Encoding, Origin
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=60
x-timer: S1731569746.696051,VS0,VE2
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21914
server: Fastly

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
17 KB 72ms
70ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: MISS
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:45 GMT
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 03/18/2024 12:53:16
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b69d9de618d59e663689eca5e38194b8
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8e25539e18c193f8-LHR
access-control-allow-origin: *
cdn-edgestorageid: 1078
server: cloudflare
cdn-requestcountrycode: DE

GET 6364002.js
js.hs-scripts.com/ 0
0

GET
H/1.1 200
OK counter.min.js Show response
138.68.180.92/js/Old/ 2 KB
1 KB 23ms
22ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/counter.min.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ae3ce17d36d32a00d80a6dc45e36f595c5c942039e449fb1b9c284c912005abc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "8d4-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 819
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.easing.js Show response
138.68.180.92/js/Old/ 8 KB
2 KB 24ms
23ms Script
application/javascript 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/js/Old/jquery.easing.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c49e6c18ff132b6071846b42440de77720c666a49f51058d847f6e5f5a49985e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

Content-Encoding: gzip
ETag: "2069-5d219fcf913c7-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1986
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 fprom.js Show response
cdn.firstpromoter.com/ 5 KB
2 KB 172ms
46ms Script
application/javascript 2600:9000:237d:dc00:1e:b6b6:9ac0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstpromoter.com/fprom.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:dc00:1e:b6b6:9ac0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: public, max-age=7200
content-encoding: gzip
etag: W/"4050b7f2106d3693d62497155108e557"
age: 721
via: 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: TEYhVbvy7JIoIggeB_rdOEW5VyuBCirvXQ0jotn2ortY2aRXS0SRbA==
date: Thu, 14 Nov 2024 07:23:45 GMT
content-type: application/javascript
last-modified: Sun, 16 May 2021 12:18:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
vary: accept-encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 222 KB
80 KB 117ms
115ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBP7WRG

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95e82d3000d61146095f95d70495499e4025b0be5fa1864e82eb144f059dd864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81155
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK body.jpg
138.68.180.92/images/ 60 KB
60 KB 48ms
45ms Image
image/jpeg 138.68.180.92

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://138.68.180.92/images/body.jpg
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/stylesheets/screen.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c809a67e53940442754061d8dfdc6afbf42cda57a29a0d1390b1956d3ab26130

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/stylesheets/screen.css

Response headers

ETag: "f0f0-5d219fcf2d9fd"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61680
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: image/jpeg
Last-Modified: Wed, 01 Dec 2021 18:39:03 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
648 B 61ms
54ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/css/homepage/style.css?cachefix=1720621616

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4fb79f65150c8f5d0d9ff24d13160dca998959e970adaad2279cd915fc4b934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 07:26:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Poppins:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/css/app.css?id=1c54ead59b52e7d1835d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

423513005af65219232f09f3ac27369b7ec1738e64598fc74f3535ec8278ddfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 07:35:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK Reckless-Regular.woff2
138.68.180.92/fonts/ 35 KB
36 KB 34ms
28ms Font
font/woff2 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/fonts/Reckless-Regular.woff2
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 704d4f221b33a4d6a5ee5eb88f7e1607432260727b59bc395a944a396ddac9bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "8d68-6136a4fa526e3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36200
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: font/woff2
Last-Modified: Mon, 11 Mar 2024 22:46:23 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 104ms
50ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://fonts.googleapis.com/

Response headers

age: 56313
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:57:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:57:12 GMT
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7840
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 91ms
38ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://fonts.googleapis.com/

Response headers

age: 170684
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 08:11:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 08:11:01 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK Reckless-Bold.woff2
138.68.180.92/fonts/ 35 KB
36 KB 35ms
30ms Font
font/woff2 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/fonts/Reckless-Bold.woff2
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48776ebc35286a1861f136aff66c03c81bc7a614ba29517ece619dd9d6f56147

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "8da0-6136a4fa526e3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36256
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: font/woff2
Last-Modified: Mon, 11 Mar 2024 22:46:23 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK HKGroteskRegular.woff2
138.68.180.92/fonts/homepage/ 28 KB
28 KB 51ms
47ms Font
font/woff2 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/fonts/homepage/HKGroteskRegular.woff2
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52af8b747c2a7c230e4778dc83436648aa48129a900c8ec14d980cdaf6ceb209

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "6e10-60816bc229797"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28176
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: font/woff2
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK HKGroteskSemiBold.woff2
138.68.180.92/fonts/homepage/ 29 KB
29 KB 33ms
29ms Font
font/woff2 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/fonts/homepage/HKGroteskSemiBold.woff2
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f204a36fa9d74e307330a5cb19f5c180efdbb85aec1e5774dcb887f5a8462be2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "7448-60816bc22a737"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29768
Date: Thu, 14 Nov 2024 07:35:45 GMT
Content-Type: font/woff2
Last-Modified: Thu, 19 Oct 2023 19:26:38 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 96ms
43ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://fonts.googleapis.com/

Response headers

age: 68467
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 12:34:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 12:34:38 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 81ms
34ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
age: 155
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 07:33:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:33:10 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
44 B 124ms
53ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBSWNb9QbbUAgtqCf3nCRbGTS-wG1SV0KI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://138.68.180.92
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
date: Thu, 14 Nov 2024 07:35:45 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 362 KB
120 KB 59ms
58ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SQ4LF65VB&l=dataLayer&cx=c&gtm=457e4bc0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143439240-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

27b44ef48fc6461a9d319828f694302116df37e65a2ac99b9676d68cf884083b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122584
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143439240-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
age: 3261
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 08:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 06:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
92 KB 78ms
77ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10944529345&l=dataLayer&cx=c&gtm=457e4bc0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143439240-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b969ab0dee9fa9bad0e4ad58246ff9a85c2f73a36377b2a5fda4e07895e68799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94432
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
88 KB 61ms
60ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723917424&l=dataLayer&cx=c&gtm=457e4bc0za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143439240-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

21b824fca03676cd5a939d08ced8499fa6d8a7de0ee10f4da8c229c8a8d95650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90270
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 190ms
54ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: max-age=67936
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 14 Nov 2024 07:35:46 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 84 KB
28 KB 259ms
51ms Script
application/javascript 23.53.43.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 37cd83f5fb8a7197cfb3545388594f601b4aa7575b639710a1d99a1e7f8df8d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
x-amz-version-id: Qbh.KWprU3gvDKB1OUca1yqTEspItfur
etag: W/"d448e190bc8237221f1ef31329b0a953"
expires: Thu, 14 Nov 2024 15:35:46 GMT
x-amz-cf-id: VCFz9hFVG8wsI_f01QIX2hsUTBRQiKtw0Rr_u0M_8U__NtJkuARkMw==
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 12 Nov 2024 07:50:10 GMT
vary: accept-encoding
cache-control: max-age=28800
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 28693
x-amz-cf-pop: FRA60-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 131ms
55ms Script
application/javascript 2606:4700::6812:80d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 136
x-cache: Hit from cloudfront
x-amz-cf-id: Xu0Fw6bbKFjSxsOVBYl3cgVZlkhzjAzL2Yx8iTEupPfWbdmXOlETqA==
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: accept-encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 1cdc77e7d966cbd0971ffcf4c515583e.cloudfront.net (CloudFront)
cf-ray: 8e2553a0cf61cd49-LHR
x-amz-cf-pop: CDG55-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 95ms
49ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-oBq9Ebgy' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-oBq9Ebgy' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=4469, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: f2JZk8gEy1Cvb+wJg9n0ZwVUrlD8d7CzAwCiuDKnAZOZMYLoi/zepaz/GFjJowKm66CuIa331NtNWYwZq6wL5g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
69 KB 95ms
95ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSX45V3

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2c49f60dd412f7a0712680dde43424d57eaa64f26e250c17814d7a53800115eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 14 Nov 2024 07:35:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Nov 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70745
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 52ms
52ms Ping
text/plain 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&scrsrc=www.googletagmanager.com&frm=0&rnd=1334479195.1731569746&auid=268112828.1731569746&npa=0&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&tft=1731569746008&tfd=891&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10944529345
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10944529345/ 5 KB
2 KB 186ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10944529345/?random=1731569745999&cv=11&fst=1731569745999&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10944529345

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c4be827d1d6d1a6180cd57cdbc39833a9084575d5c9d292fc2b395a77454831b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2368
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10944529345
td.doubleclick.net/td/rul/ Frame 470F 0
0 492ms
69ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10944529345?random=1731569745999&cv=11&fst=1731569745999&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10944529345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://138.68.180.92/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723917424/ 5 KB
2 KB 152ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723917424/?random=1731569746030&cv=11&fst=1731569746030&bg=ffffff&guid=ON&async=1&gtm=45be4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067807~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723917424

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

af0209395bfd26c60e5a960470f0e5f50732f136c06ece0f17f7abf026ca0973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2356
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 723917424
td.doubleclick.net/td/rul/ Frame 0446 0
0 450ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/723917424?random=1731569746030&cv=11&fst=1731569746030&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067807~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723917424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://138.68.180.92/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK track.js Show response
v2.clickguardian.app/ 4 KB
1 KB 129ms
29ms Script
application/javascript 2a03:b0c0:1:e0::2c8:7001

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.clickguardian.app/track.js
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:1:e0::2c8:7001 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: dcdf62f54440f8c224dcdfb6453c53106600c573d3cb5e4c0ba0d1cafcda3edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"5e25c06c-e6d"
Connection: keep-alive
Date: Thu, 14 Nov 2024 07:35:46 GMT
Content-Type: application/javascript
Last-Modified: Mon, 20 Jan 2020 14:59:56 GMT
Server: nginx/1.10.3 (Ubuntu)

GET
H2 200 82u6Z5A5MLNC2LtLYKXrWQ.html
checkout.stripe.com/v3/ Frame E3BA 0
0 417ms
42ms Document
text/html 65.9.66.16

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/v3/82u6Z5A5MLNC2LtLYKXrWQ.html?distinct_id=c3852810-3c2f-af2b-bfac-4c38e9ae855c

Requested by

Host: checkout.stripe.com
URL: https://checkout.stripe.com/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.16 , United States, ASN (),

Reverse DNS

server-65-9-66-16.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://api.stripe.com https://errors.stripe.com https://a.stripecdn.com https://b.stripecdn.com https://r.stripe.com 'self'; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://js.stripe.com https://a.stripecdn.com https://b.stripecdn.com 'self' stripecheckout:; img-src http: https:; media-src 'none'; object-src https://a.stripecdn.com https://b.stripecdn.com 'self'; script-src https://js.stripe.com https://stripecdn.com https://a.stripecdn.com https://b.stripecdn.com 'self' 'report-sample'; style-src https://a.stripecdn.com https://b.stripecdn.com 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://138.68.180.92/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 46
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: base-uri 'none'; connect-src https://api.stripe.com https://errors.stripe.com https://a.stripecdn.com https://b.stripecdn.com https://r.stripe.com 'self'; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://js.stripe.com https://a.stripecdn.com https://b.stripecdn.com 'self' stripecheckout:; img-src http: https:; media-src 'none'; object-src https://a.stripecdn.com https://b.stripecdn.com 'self'; script-src https://js.stripe.com https://stripecdn.com https://a.stripecdn.com https://b.stripecdn.com 'self' 'report-sample'; style-src https://a.stripecdn.com https://b.stripecdn.com 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 07:35:46 GMT
etag: W/"f36bba67903930b342d8bb4b60a5eb59"
last-modified: Wed, 16 Oct 2024 19:28:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
x-amz-cf-id: ZxLQF3AoO3GjrQgiQuX1K3rL1TDFUWYfYE58-gK6GL6f1FWxFFIlRg==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 /
q.stripe.com/ 43 B
287 B 497ms
151ms Image
image/gif 54.187.119.242

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.stripe.com/?event=checkout.config.summary&rf=138.68.180.92&optchecker-origin=configure&optchecker-numErrors=0&optchecker-numWarnings=0&distinct_id=c3852810-3c2f-af2b-bfac-4c38e9ae855c&eventId=43ac9922-cdea-e9a4-1a64-95746b18500a&option-key=pk_live_3S84oJnragHmFrVk39iFTGpi00oM9s4dVc&h=1200&w=1600&lsid=8fcc3eea-e2d0-4273-8c2b-dea0fa76437e&cid=5452a279-bc54-4b68-bec4-7bb4b311f86f&i=1731569746077

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN (),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
content-length: 43
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 0CD9 0
0 348ms
43ms Document
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2F138.68.180.92

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10944529345

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:46 GMT
expires: Fri, 14 Nov 2025 07:35:46 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
418 B 44ms
40ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=40156806&t=pageview&_s=1&dl=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&ul=en-gb&de=UTF-8&dt=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1058620150&gjid=1390886700&cid=159349648.1731569746&tid=UA-143439240-1&_gid=1208951347.1731569746&_r=1&gtm=457e4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102077855&jsscut=1&z=1271222252

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://138.68.180.92/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:46 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://138.68.180.92
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
818 B 421ms
202ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://138.68.180.92/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 000626da7fa5f8fc44d6769429a5cadc
x-msedge-ref: Ref A: 59C54512C6B54D93870B1382AE1E1583 Ref B: LON04EDGE1114 Ref C: 2024-11-14T07:35:46Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYm2n+l+PxE1naUKaXK3A==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&e_ipv6=AQLkYCfLkkaWDAAAAZMpmYKV_sNAfBbDOF1H23CkhDREOQOG_b8KMe1UfOioYFaU...

0
267 B

258ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&e_ipv6=AQLkYCfLkkaWDAAAAZMpmYKV_sNAfBbDOF1H23CkhDREOQOG_b8KMe1UfOioYFaUs8duK9Q
Requested by: Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 16D00AF3BC7D43F987320057A4AD885A Ref B: LON04EDGE1007 Ref C: 2024-11-14T07:35:46Z
x-li-fabric: prod-lor1
x-li-uuid: AAYm2n+p/zKr5d0UYShLew==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3021761&time=1731569746263&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&e_ipv6=AQLkYCfLkkaWDAAAAZMpmYKV_sNAfBbDOF1H23CkhDREOQOG_b8KMe1UfOioYFaUs8duK9Q
x-msedge-ref: Ref A: 2C3562823CE3470C90D6A4E02AF28291 Ref B: LTSEDGE1222 Ref C: 2024-11-14T07:35:46Z
x-li-fabric: prod-lor1
x-li-uuid: AAYm2n+l+568ds1NWrQVOg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 14 Nov 2024 07:35:45 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
327 B 562ms
357ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=224516993&u=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 52
cf-ray: 8e2553a38f4f640f-LHR
content-length: 0
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ 29 KB
10 KB 37ms
36ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js

Requested by

Host: v2.clickguardian.app
URL: https://v2.clickguardian.app/track.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5c-72e4"
age: 43496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4SbMwNsi5zMUMkm5kkAfuMmSlzRiEJ1UDsURV9uJSPhan7a%2BEeYj4vv3Ji1VxaxTq7cMpcScfhtCXCWRXt3NhIvpd2Jv9SMyJEtxcpSq5BypcrHUlNLNhgRdIyi%2BXVNllDG29BJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 07:35:46 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e2553a24c3a6550-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9392
server: cloudflare

GET
H3 200 /
www.google.com/pagead/1p-user-list/723917424/ 42 B
64 B 52ms
51ms Image
image/gif 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/723917424/?random=1731569746030&cv=11&fst=1731567600000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067807~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d876V2RtS9VMul-KDUfi5_utmmz1a5w&random=2029965065&rmt_tld=0&ipr=y

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/723917424/ 42 B
64 B 260ms
55ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/723917424/?random=1731569746030&cv=11&fst=1731567600000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067554~102067807~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7d876V2RtS9VMul-KDUfi5_utmmz1a5w&random=2029965065&rmt_tld=1&ipr=y

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/10944529345/ 42 B
64 B 53ms
48ms Image
image/gif 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10944529345/?random=1731569745999&cv=11&fst=1731567600000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dA57vlmom2z4rbloaRBsfU62Q4S3jBg&random=3507616561&rmt_tld=0&ipr=y

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/10944529345/ 42 B
64 B 248ms
50ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/10944529345/?random=1731569745999&cv=11&fst=1731567600000&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v897752028za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&hn=www.googleadservices.com&frm=0&tiba=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&npa=0&pscdl=noapi&auid=268112828.1731569746&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dA57vlmom2z4rbloaRBsfU62Q4S3jBg&random=3507616561&rmt_tld=1&ipr=y

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 401656404743555 Show response
connect.facebook.net/signals/config/ 61 KB
12 KB 293ms
293ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/401656404743555?v=2.9.176&r=stable&domain=138.68.180.92&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

83b2dea489b58a9dcbb77fc883fc74cf5c2fe8cdef74ecabc959f59a54dd1b6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-jBO37TMa' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jBO37TMa' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=77, mss=1232, tbw=70325, tp=65, tpl=0, uplat=250, ullat=0
pragma: public
x-fb-debug: DlsZEBLJV1S3mbbAgn/HKG+R3hDf/6/jmrRuP29J/+3FHMNACUrbxNKrEE7tvDBq1flmFpmz2vCg50EHE4aXow==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 140ms
54ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4SQ4LF65VB&gtm=45je4bc0v9121303471za200&_p=1731569745595&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102077855&cid=159349648.1731569746&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1731569746&sct=1&seg=0&dl=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&dt=VirtualNonExecs%20-%20TAKE%20YOUR%20NON-EXEC%20CAREER%20FURTHER&en=page_view&_fv=1&_ss=1&tfd=1268
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SQ4LF65VB&l=dataLayer&cx=c&gtm=457e4bc0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://138.68.180.92
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 139ms
53ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4SQ4LF65VB&cid=159349648.1731569746&gtm=45je4bc0v9121303471za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SQ4LF65VB&l=dataLayer&cx=c&gtm=457e4bc0za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://138.68.180.92
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame B00D 0
0 58ms
57ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-4SQ4LF65VB&gacid=159349648.1731569746&gtm=45je4bc0v9121303471za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067554~102077855&z=341301171

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SQ4LF65VB&l=dataLayer&cx=c&gtm=457e4bc0za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://138.68.180.92/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 127ms
64ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4SQ4LF65VB&cid=159349648.1731569746&gtm=45je4bc0v9121303471za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067554~102077855&tag_exp=101925629~102067554~102077855&z=2014213043

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 14 Nov 2024 07:35:46 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 84 B
181 B 216ms
186ms Script
application/javascript 23.53.43.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=11080397&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&channel_type=code&jsonp=__lcpdwens0pn
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-59.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8dbfba93def9e0fbd78b8015493daa7e834469e9a2d231dd0a8ba8fb51a9922

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-length: 84
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame AC0D 0
0 112ms
46ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfxDLEUAAAAAN9yU--N_4-0QlEQWGP1c1oMwa3w&co=aHR0cHM6Ly8xMzguNjguMTgwLjkyOjQ0Mw..&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=u71d28r9aaz6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hSpLaYTAzUIZiqnSSKlsnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://138.68.180.92/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hSpLaYTAzUIZiqnSSKlsnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 102ms
40ms Image
text/plain 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=401656404743555&ev=PageView&dl=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&rl=&if=false&ts=1731569746666&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.3.1731569746660.225714815306809360&cs_est=true&ler=empty&cdl=API_unavailable&it=1731569746297&coo=false&rqm=GET

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4489, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
201 B 259ms
198ms Image
image/png 157.240.251.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=401656404743555&ev=PageView&dl=https%3A%2F%2F138.68.180.92%2Fdota3.tar.gz&rl=&if=false&ts=1731569746666&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4124&fbp=fb.3.1731569746660.225714815306809360&cs_est=true&ler=empty&cdl=API_unavailable&it=1731569746297&coo=false&rqm=FGET

Requested by

Host: 138.68.180.92
URL: https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437035431299436514"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:46 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PUGTQBOd4eDKAYERCMUiMvUIiW5CYyNz+RB/PRauLAPlGju1ENmINPDZySUqsz/dREnYYdB/rZf7uiJ+P0rVTA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437035431299436514", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4857, tp=13, tpl=0, uplat=160, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H/1.1 200
OK tracking Show response
v2.clickguardian.app/ 0
316 B 226ms
172ms XHR
text/html 2a03:b0c0:1:e0::2c8:7001

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.clickguardian.app/tracking
Requested by: Host: v2.clickguardian.app
URL: https://v2.clickguardian.app/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:b0c0:1:e0::2c8:7001 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://138.68.180.92/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Date: Thu, 14 Nov 2024 07:35:46 GMT
Content-Type: text/html; charset=UTF-8
Server: nginx/1.10.3 (Ubuntu)

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
193 B 191ms
190ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://138.68.180.92/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FCB0E02A421F4C1BA50F777887320971 Ref B: LTSEDGE1222 Ref C: 2024-11-14T07:35:46Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYm2n+tG8QxYENV5Kv1Qg==
x-li-proto: http/2
access-control-allow-origin: https://138.68.180.92
x-cache: CONFIG_NOCACHE
date: Thu, 14 Nov 2024 07:35:46 GMT
vary: Origin

OPTIONS
H3 204 bundleInfo
leadbooster-chat.pipedrive.com/chat-api/ Frame 0
0 116ms
86ms Preflight 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/chat-api/bundleInfo?url=https://138.68.180.92/dota3.tar.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0 1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: leadbooster-chat-company-id,x-public-token
Access-Control-Request-Method: GET
Origin: https://138.68.180.92
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: leadbooster-chat-company-id,x-public-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
alt-svc: h3=":443"; ma=86400
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-ztgkg;
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8e2553a74d0660fb-LHR
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:47 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: 1f8beab1-dd55-47d8-999b-a291dd48228e
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0 1; mode=block

GET
H3 200 bundleInfo Show response
leadbooster-chat.pipedrive.com/chat-api/ 115 B
1 KB 94ms
94ms XHR
application/json 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/chat-api/bundleInfo?url=https://138.68.180.92/dota3.tar.gz

Requested by

Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2167b50217c2463161465507a5cc12797b1c5b2aae1d3063a2ce1540e5b28ae6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://138.68.180.92/
x-public-token: chatbot-d72fa87e-e2bf-4ed5-a82c-0c973e391f5c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Leadbooster-Chat-Company-Id: 7543750

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
x-correlation-id: 238d9305-1df7-4ad0-b310-a69dd256802a
cf-cache-status: DYNAMIC
etag: W/"73-n0zmglhXaLPRJmLjL6EZGWpBDQU"
content-encoding: br
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553a7dd9d60fb-LHR
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block
origin-agent-cluster: ?1
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-87mwl;
server: cloudflare

GET
H/1.1 200
OK favicon.png
138.68.180.92/ 898 B
1 KB 27ms
25ms Other
image/png 138.68.180.92

General

Check archive.org

Show headers Download Go to

Full URL: https://138.68.180.92/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.68.180.92 Slough, United Kingdom, ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d20205b4285d5bb945d8bbe1f35340d7c15cc15277fc89c17d86fdb6c8179dba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/dota3.tar.gz

Response headers

ETag: "382-5d219fce368c2"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 898
Date: Thu, 14 Nov 2024 07:35:47 GMT
Content-Type: image/png
Last-Modified: Wed, 01 Dec 2021 18:39:02 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H3 200 main.js Show response
leadbooster-chat.pipedrive.com/assets/ Frame 1656 687 KB
233 KB 102ms
100ms Script
application/javascript 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/assets/main.js?version=a9522a5_11820056070

Requested by

Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0ab619af3874d3adc72aef6321160bd39e547ee12ddf5a59054809c288bc73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
content-encoding: gzip
cf-cache-status: HIT
age: 58259
x-correlation-id: 1f6cd829-8d4b-45a5-9fd5-60c9d35e534f
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 13 Nov 2024 12:28:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: public, max-age=2592000
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553a8ad1a71ae-LHR
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block
origin-agent-cluster: ?1
badi: Routing: dub-1=>dub-1; Version: 1d6b; Host: 6fcbf6f75f-kgv9r;
server: cloudflare

GET
H3 200 d72fa87e-e2bf-4ed5-a82c-0c973e391f5c Show response
leadbooster-chat.pipedrive.com/chat-api/playbookSettings/ Frame 1656 2 KB
2 KB 103ms
103ms Fetch
application/json 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/chat-api/playbookSettings/d72fa87e-e2bf-4ed5-a82c-0c973e391f5c

Requested by

Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/main.js?version=a9522a5_11820056070

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

61bc467a593d20f32dd6656b5b0ea13ec651c5900df97ccf6e95a7d15dc4fd63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
x-public-token: chatbot-d72fa87e-e2bf-4ed5-a82c-0c973e391f5c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Leadbooster-Chat-Company-Id: 7543750

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"889-WKAqnng6hUEkLoLNDJfznqQsqTI"
x-correlation-id: b770fa83-79eb-422c-8d24-da90f51c9b93
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553aac82560fb-LHR
access-control-allow-origin: *
x-xss-protection: 0, 1; mode=block
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-k9zfj;
origin-agent-cluster: ?1
server: cloudflare

OPTIONS
H3 204 d72fa87e-e2bf-4ed5-a82c-0c973e391f5c
leadbooster-chat.pipedrive.com/chat-api/playbookSettings/ Frame 0
0 77ms
77ms Preflight 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/chat-api/playbookSettings/d72fa87e-e2bf-4ed5-a82c-0c973e391f5c

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0 1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,leadbooster-chat-company-id,x-public-token
Access-Control-Request-Method: GET
Origin: https://138.68.180.92
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,leadbooster-chat-company-id,x-public-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
alt-svc: h3=":443"; ma=86400
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-87mwl;
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8e2553aa4fbb60fb-LHR
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 14 Nov 2024 07:35:47 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: c15060f9-3070-45c1-808f-5476c3062927
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0 1; mode=block

OPTIONS
H3 200 seen
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame 0
0 73ms
72ms Preflight 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/api/v1/statistics/seen

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,leadbooster-chat-company-id,x-public-token
Access-Control-Request-Method: POST
Origin: https://138.68.180.92
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,leadbooster-chat-company-id,x-public-token
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://138.68.180.92
allow: GET, POST, PUT, DELETE, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e2553ab88ea60fb-LHR
content-length: 0
date: Thu, 14 Nov 2024 07:35:47 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 201 seen Show response
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame 1656 26 B
967 B 86ms
84ms Fetch
application/json 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/api/v1/statistics/seen

Requested by

Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/main.js?version=a9522a5_11820056070

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
x-public-token: chatbot-d72fa87e-e2bf-4ed5-a82c-0c973e391f5c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Leadbooster-Chat-Company-Id: 7543750

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
x-correlation-id: 4298fe3e-e5b2-4d30-937f-a6d7e1be900c
cf-cache-status: DYNAMIC
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553abf95c60fb-LHR
access-control-allow-origin: *
content-length: 26
x-xss-protection: 0, 1; mode=block
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-q8wm6;
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 /
leadbooster-chat.pipedrive.com/chat-ui/playbooks/d72fa87e-e2bf-4ed5-a82c-0c973e391f5c/images/ Frame 1656 12 KB
13 KB 726ms
726ms Image
image/jpeg 104.18.189.228

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadbooster-chat.pipedrive.com/chat-ui/playbooks/d72fa87e-e2bf-4ed5-a82c-0c973e391f5c/images/?companyId=7543750&imageUuid=844a031b-5245-448a-b950-0c7efe208d04&imageExtension=jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1b44c26af06c9c4d81f973d668ded04d83e23c8e1cd80ff905a939067ce41e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
x-correlation-id: 5e68c9fd-a782-4288-8162-23803637118f
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:48 GMT
content-type: image/jpeg
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: max-age:604800, public
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553ab8f9671ae-LHR
access-control-allow-origin: *
content-length: 12674
x-xss-protection: 0, 1; mode=block
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-q8wm6;
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 OpenSans-Regular.woff2
leadbooster-chat.pipedrive.com/assets/ Frame 1656 19 KB
20 KB 121ms
121ms Font
font/woff2 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/assets/OpenSans-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

516c7b2926dbd461e33f19ff05db8587e5990184dba657483d5a569cc099a8ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://138.68.180.92
Referer

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
x-correlation-id: f7671a90-20b5-44a1-9bf9-45f916db8a91
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: font/woff2
last-modified: Wed, 13 Nov 2024 12:28:40 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: public, max-age=2592000
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553ab88f360fb-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19392
x-xss-protection: 0, 1; mode=block
origin-agent-cluster: ?1
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-k9zfj;
server: cloudflare

OPTIONS
H3 200 proactive
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame 0
0 90ms
90ms Preflight 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/api/v1/statistics/proactive

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,leadbooster-chat-company-id,x-public-token
Access-Control-Request-Method: POST
Origin: https://138.68.180.92
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,leadbooster-chat-company-id,x-public-token
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://138.68.180.92
allow: GET, POST, PUT, DELETE, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e2553ab88f660fb-LHR
content-length: 0
date: Thu, 14 Nov 2024 07:35:47 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 201 proactive Show response
leadbooster-chat.pipedrive.com/api/v1/statistics/ Frame 1656 26 B
970 B 84ms
83ms Fetch
application/json 104.18.189.228

General

Check archive.org

Show headers Download Go to

Full URL

https://leadbooster-chat.pipedrive.com/api/v1/statistics/proactive

Requested by

Host: leadbooster-chat.pipedrive.com
URL: https://leadbooster-chat.pipedrive.com/assets/main.js?version=a9522a5_11820056070

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.189.228 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

Referer
x-public-token: chatbot-d72fa87e-e2bf-4ed5-a82c-0c973e391f5c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Leadbooster-Chat-Company-Id: 7543750

Response headers

access-control-expose-headers: X-RateLimit-Remaining, X-RateLimit-Limit, X-RateLimit-Reset
x-correlation-id: 90318d98-55cb-4771-afff-247097160645
cf-cache-status: DYNAMIC
etag: W/"1a-pIPrt4esgEyEkX/w62Rnrj9XXdg"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 07:35:47 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: no-cache
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e2553ac297c60fb-LHR
access-control-allow-origin: *
content-length: 26
x-xss-protection: 0, 1; mode=block
badi: Routing: lon-2=>lon-2; Version: 1d6b; Host: 7dbb898c5-q8wm6;
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/en_gb/ 267 KB
56 KB 35ms
34ms Script
text/javascript 142.250.186.106

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/en_gb/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBSWNb9QbbUAgtqCf3nCRbGTS-wG1SV0KI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9058b3f279d0d7c25a01ecbccc063330fe13e8e1f0ae2b96316acbb2a695a2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
age: 108467
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 01:28:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 01:28:03 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 56908
x-xss-protection: 0
server: sffe

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/en_gb/ 191 KB
58 KB 40ms
40ms Script
text/javascript 142.250.186.106

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/en_gb/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBSWNb9QbbUAgtqCf3nCRbGTS-wG1SV0KI&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.106 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

357d8e45f1e57d425b70772b9e8d45c28a1284599f5921cce7db057c1e0acbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://138.68.180.92/

Response headers

content-encoding: br
age: 140625
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 16:32:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 16:32:05 GMT
last-modified: Tue, 29 Oct 2024 22:44:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges: bytes
content-length: 59478
x-xss-protection: 0
server: sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.hs-scripts.com
URL: https://js.hs-scripts.com/6364002.js

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.calendly.com/	1969-12-31 23:59:59	Name: _cfuvid Value: OH79ToyGlHOvTDdY_a1jPN6dbHQDyRjXY8KOcJtbN4I-1731569745602-0.0.1.1-604800000
138.68.180.92/	1970-01-21 03:09:05	Name: _gcl_au Value: 1.1.268112828.1731569746
138.68.180.92/	1970-01-21 10:35:29	Name: _ga Value: GA1.1.159349648.1731569746
138.68.180.92/	1970-01-21 01:00:56	Name: _gid Value: GA1.1.1208951347.1731569746
138.68.180.92/	1970-01-21 00:59:29	Name: _gat_gtag_UA_143439240_1 Value: 1
138.68.180.92/	1970-01-21 10:35:29	Name: _ga_4SQ4LF65VB Value: GS1.1.1731569746.1.0.1731569746.60.0.0
.doubleclick.net/	1970-01-21 10:21:05	Name: IDE Value: AHWqTUkLuB0Cx49J448fFQl3fA93srfC54r6Fn7ufYeTx1jyFMgPpXW4m55ENgQL
138.68.180.92/	1970-01-21 03:09:05	Name: _fbp Value: fb.3.1731569746660.225714815306809360
.linkedin.com/	1970-01-21 09:45:05	Name: bcookie Value: "v=2&230d16db-1d2a-423c-89cf-fb61bb0f9b6c"
.linkedin.com/	1970-01-21 05:18:41	Name: li_gc Value: MTswOzE3MzE1Njk3NDY7MjswMjHjzwIUKwZIGRh3cbFyUJmiMWoczZjZH/IhPWwbGYksfg==
.linkedin.com/	1970-01-21 01:00:56	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3401:u=1:x=1:i=1731569746:t=1731656146:v=2:sig=AQFIPYSB5Ps1Rf37D_gkXcLN7JtSqirv"
prism.app-us1.com/	1970-01-21 01:42:41	Name: prism_224516993 Value: 4a260226-8591-42c9-9c7c-723e9baa7137
.pipedrive.com/	1970-01-21 00:59:31	Name: __cf_bm Value: WY6piw2tHZFFJhjJjDLMnXP112_MLJG3stVvwHuutQg-1731569747-1.0.1.1-79MNAJK5Vsx4j4Hlv2JKko3CdXVNkZjgSdufsexsj1jJXRKa6_nBzye5PPWAJKbKb2UQw0h_YMqspv0Jpk3i.A
m.stripe.com/	1970-01-21 10:35:29	Name: m Value: ac5b065d-1f59-4eb2-b439-2d5d4bf419a64ee669

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://138.68.180.92/dota3.tar.gz Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5d0e4d54401a79eb#async=1 Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
recommendation	verbose	URL: https://138.68.180.92/dota3.tar.gz Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://138.68.180.92/dota3.tar.gz Message: [GroupMarkerNotSet(crbug.com/242999)!:A0101D00E4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://138.68.180.92/dota3.tar.gz Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E01C00E4070000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
assets.calendly.com
cdn.firstpromoter.com
cdn.livechatinc.com
cdnjs.cloudflare.com
checkout.stripe.com
connect.facebook.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-scripts.com
leadbooster-chat.pipedrive.com
maps.googleapis.com
prism.app-us1.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.analytics.google.com
s7.addthis.com
script.tapfiliate.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.filestackapi.com
stats.g.doubleclick.net
td.doubleclick.net
unpkg.com
v2.clickguardian.app
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
js.hs-scripts.com
104.17.24.14
104.18.10.207
104.18.189.228
104.75.90.86
13.107.42.14
138.68.180.92
142.250.181.226
142.250.184.232
142.250.185.195
142.250.185.99
142.250.186.106
142.250.186.67
151.101.128.176
151.101.194.133
157.240.251.35
157.240.251.9
172.217.16.202
2001:4860:4802:32::36
216.58.212.132
23.53.43.59
2600:9000:237d:dc00:1e:b6b6:9ac0:93a1
2606:4700:4400::ac40:9251
2606:4700::6811:1fae
2606:4700::6811:f9cb
2606:4700::6812:80d8
2606:4700::6812:bce4
2620:1ec:21::14
2a00:1450:4001:80b::2002
2a00:1450:4001:812::200a
2a00:1450:4001:829::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9a
2a02:26f0:3500:10::210:a99
2a03:b0c0:1:e0::2c8:7001
54.187.119.242
54.230.228.28
65.9.66.16
068111877fa6aa20ae61a6d184bc4b1f7081555e83df944cce03c4fdb2830fbc
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aaa4cf927b0e3631cffbe62f6786810aa65348483cd950e49f634a0881b16b4
176d3cc5acf97cbf61f221ac467577b10fdd75567a7c98f05f47743bf76c5970
1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c
18c6f9fae85d6c3ce7c19f694a86603df2cadb3807e52b4db404e0cbe83a4170
1b44c26af06c9c4d81f973d668ded04d83e23c8e1cd80ff905a939067ce41e11
1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c
1dfa83a1b50579ad4ecf77af193b842488d0c7d9baaed86c82b7bc6ed2b0edc6
2167b50217c2463161465507a5cc12797b1c5b2aae1d3063a2ce1540e5b28ae6
21b824fca03676cd5a939d08ced8499fa6d8a7de0ee10f4da8c229c8a8d95650
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
27b44ef48fc6461a9d319828f694302116df37e65a2ac99b9676d68cf884083b
2c49f60dd412f7a0712680dde43424d57eaa64f26e250c17814d7a53800115eb
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
31e49ff119a0ddbe6a2c59628e7a7193a97e20992247dd7ffd818f0ab0a6a205
33c1395b40663c2b0ebfbfd6729617cb93333e7539d07decf54bf8b1337f0510
34e8d4f4b1913602498507ec7ad221545ac4a3710cba485cae0c3775f81977cc
357d8e45f1e57d425b70772b9e8d45c28a1284599f5921cce7db057c1e0acbec
37cd83f5fb8a7197cfb3545388594f601b4aa7575b639710a1d99a1e7f8df8d2
423513005af65219232f09f3ac27369b7ec1738e64598fc74f3535ec8278ddfe
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48776ebc35286a1861f136aff66c03c81bc7a614ba29517ece619dd9d6f56147
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
516c7b2926dbd461e33f19ff05db8587e5990184dba657483d5a569cc099a8ee
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52af8b747c2a7c230e4778dc83436648aa48129a900c8ec14d980cdaf6ceb209
52bd1b3908d6ccb0f8639118d78a40fb242826a56e87f0563105f86df6133aad
5a3535bf9c68a69732cec8f625abb8a79db09a0466d0793f491a9193710aff92
5dff4ea3d2cfe3a8bd35c4a70ca732db605b9ea1438d63fa5a6c9bee57beb1d2
61bc467a593d20f32dd6656b5b0ea13ec651c5900df97ccf6e95a7d15dc4fd63
65fb32d698f81db6f5404785a68784bf138a02787c400552a3628471c1f2c301
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ea55ea86749ee1fe560fabac6b3effd81b33046fa74dc657e24d41d28110a9f
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
6fef4d16009dd3157897c77a8a193e6c6b6d9f28ff7ea85cdc887a3d5dc78cf7
704d4f221b33a4d6a5ee5eb88f7e1607432260727b59bc395a944a396ddac9bb
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fdc101978dcecc1d6b81431a79491cfd1ed4a7c7582bbbf3f5252cb7020a35a
83b2dea489b58a9dcbb77fc883fc74cf5c2fe8cdef74ecabc959f59a54dd1b6f
8a051cd343d7193d5804bd7f29fed0632f5f3e52ea64a7041ab0aa0f3dc41432
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a3195b22bc399b5e8e5ec8f9f9efe01669a314d20b1016ee65d32baadf079bd
8ceec3ddf22c02afa307c5eddcd239bc17f7938b6fb47c33a7c2122d01b85165
8fdd95ae4f3e6ffb22108c9e0daf1164ae681f3c61da873283c488d997f8b1ad
9058b3f279d0d7c25a01ecbccc063330fe13e8e1f0ae2b96316acbb2a695a2fc
91be5bf99536ef0317a3845a6282f70c8176b52294c433a6d902411ef5047248
93a27ec1146fd276bd0aad6e767f1c069d820b5606cbac8ae3ba69f54608b3b9
95e82d3000d61146095f95d70495499e4025b0be5fa1864e82eb144f059dd864
99ee0d0d184a21926f941bafc1808f3e6465bfd681b2e22ef9465c6840857ded
9a12aa3130137548d71f7e0c6c2ebe34cee37479220a9f28fec66dd7e3815928
9b4ef69043190128f5b7bbdd7fb5b312c3adf115a198a2a02cc37596dc3b185e
a226dd3f668fe50a3af881c710b4fb9f1f5bda4a4b3a58ad243dcf4b427b5ebe
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
a4b29d1eb8f2dad15b9915f39a913ed02bb12f36474053fffa7f183afb71dd8a
a68c0f6f8c3c9092486e0c8d3560c82b816dd51e42ca68bba9ddf30f06b40cd8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd3e93477d8e243fc4e3512a95e57833027194c525f90305efcf7add4885ea9
ae3ce17d36d32a00d80a6dc45e36f595c5c942039e449fb1b9c284c912005abc
af0209395bfd26c60e5a960470f0e5f50732f136c06ece0f17f7abf026ca0973
b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932
b8dbfba93def9e0fbd78b8015493daa7e834469e9a2d231dd0a8ba8fb51a9922
b969ab0dee9fa9bad0e4ad58246ff9a85c2f73a36377b2a5fda4e07895e68799
bd49024ca65f46df8a20fc625c35498b1d8f2de66acc6a7e2020e559f57d54f4
c49e6c18ff132b6071846b42440de77720c666a49f51058d847f6e5f5a49985e
c4be827d1d6d1a6180cd57cdbc39833a9084575d5c9d292fc2b395a77454831b
c630aa0b5599b658486ab0b7af79e01cea0845409e65da7bb8696e2699944552
c809a67e53940442754061d8dfdc6afbf42cda57a29a0d1390b1956d3ab26130
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb368b8f207b2c6f042e5b7b9ff88ffcb299035fece18c2f2a5ef04bd10eac69
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cef1db766189a35903b34a927afed955b46ea9eff2cbd2eb08a1d7539e65b89b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20205b4285d5bb945d8bbe1f35340d7c15cc15277fc89c17d86fdb6c8179dba
dcdf62f54440f8c224dcdfb6453c53106600c573d3cb5e4c0ba0d1cafcda3edc
ddf4a721040f8bbf2a8364342b6f0d2c8f747122108ce7f71ff27a5835fe1aae
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1e00b8922063f30abea75ef026a36c9ce92752992dd1583af0342a6f460b186
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43acd851ecab7af83dc0e2d72eb34bfecf8016239bdcb9f89da6c817ed35531
ed0ab619af3874d3adc72aef6321160bd39e547ee12ddf5a59054809c288bc73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f204a36fa9d74e307330a5cb19f5c180efdbb85aec1e5774dcb887f5a8462be2
f4fb79f65150c8f5d0d9ff24d13160dca998959e970adaad2279cd915fc4b934
f637fb2c8c92787b9df28efbc50f590a3876195c593e8aed7b2cd56456a53ea2
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

138.68.180.92 Open in urlscan Pro 138.68.180.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

67 %HTTPS

42 %IPv6

25 Domains

34 Subdomains

39 IPs

5 Countries

2658 kBTransfer

9677 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

138.68.180.92 Open in urlscan Pro
138.68.180.92 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

67 %
HTTPS

42 %
IPv6

25
Domains

34
Subdomains

39
IPs

5
Countries

2658 kB
Transfer

9677 kB
Size

14
Cookies

113 HTTP transactions
0 data transactions