oodrampi.com Open in urlscan Pro
139.45.197.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Effective URL:
https://oodrampi.com/4/6801597
Submission: On May 03 via api (May 3rd 2024, 10:35:20 pm UTC) from US — Scanned from FR

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 43 HTTP transactions. The main IP is 139.45.197.239, located in United Kingdom and belongs to RETN-AS, GB. The main domain is oodrampi.com.
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.

This is the only time oodrampi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a02:4780:b:1... 2a02:4780:b:1104:0:2311:54fd:7	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	149.100.151.88 149.100.151.88	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
43	13

7 2a02:4780:b:1104:0:2311:54fd:7 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

kuchawi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

beevakum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.100.151.88 (La Courneuve, France)

ASN47583 (AS-HOSTINGER, CY)

kuchawi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

oodrampi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	209 KB
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30080
8	kuchawi.com kuchawi.com	73 KB
6	oodrampi.com oodrampi.com	15 KB
3	beevakum.net beevakum.net — Cisco Umbrella Rank: 317502	16 KB
2	gstatic.com fonts.gstatic.com	64 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	170 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11492	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1004 B
43	9

	Domain	Requested by
9	jouteetu.net	beevakum.net
8	kuchawi.com	beevakum.net kuchawi.com
6	oodrampi.com	kuchawi.com oodrampi.com
6	pagead2.googlesyndication.com	kuchawi.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	beevakum.net	kuchawi.com beevakum.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	securepubads.g.doubleclick.net	kuchawi.com securepubads.g.doubleclick.net
2	my.rtmark.net	beevakum.net oodrampi.com
1	ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	kuchawi.com
43	11

This site contains no links.

Subject Issuer	Validity	Valid
kuchawi.com R3	`2024-03-21` - `2024-06-19`	3 months	crt.sh
beevakum.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
oodrampi.com R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh

This page contains 5 frames:

Frame: https://oodrampi.com/?z=6801597&syncedCookie=true&rhd=false
Frame ID: 9ACC6B63532FB22F63564734617B45C7
Requests: 39 HTTP requests in this frame

Frame: https://ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E45A247F9F48116EF8DA2ADB73D94B6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/zrt_lookup_fy2021.html
Frame ID: 97490E0AF7C997B3490C8556D7743997
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7075811216414248&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1714775715&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fkuchawi.com%2Fwp-content%2Fuploads%2F2022%2F07%2Ftekla_structures_191_64_bitfullrar.pdf&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714775715445&bpp=3&bdt=334&idt=205&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D8358250833a80050%3AT%3D1714775715%3ART%3D1714775715%3AS%3DAA-AfjbWFx6upI_3zOTzCzWKHY90&nras=1&correlator=6341238774474&frm=20&pv=2&ga_vid=1373351795.1714775716&ga_sid=1714775716&ga_hid=292901320&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331286%2C31082702%2C95329718%2C95329831%2C95331982%2C31083289%2C95331043&oid=2&pvsid=237548316341910&tmod=1112343124&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: A1AA9F7AFE70121D186B2DE67D15ADD1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C843C2AF1A2FC5A9CAACEF4622AE2486
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirect

Page URL History Show full URLs

http://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf HTTP 307
https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf Page URL
https://oodrampi.com/4/6801597 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

43
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

11
Subdomains

13
IPs

4
Countries

549 kB
Transfer

1557 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf HTTP 307
https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf Page URL
https://oodrampi.com/4/6801597 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf HTTP 307
https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

tekla_structures_191_64_bitfullrar.pdf Show response
kuchawi.com/wp-content/uploads/2022/07/
Redirect Chain

http://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

106 KB
43 KB

669ms
282ms

Document
text/html

2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.0.30

Resource Hash

0327f3ef13f39681772a7e67f4a97516c7ddf6b76ed717c759600b2ef8d0ed0e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 03 May 2024 22:35:15 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://kuchawi.com/wp-json/>; rel="https://api.w.org/"
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 90a_HTTP.404,90a_PGSRP,90a_404,90a_URL.d16a97f47c2615c7f27bb95f5d3b0b6f,90a_
x-powered-by: PHP/8.0.30

Redirect headers

Location: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 micro.tag.min.js Show response
beevakum.net/pfe/current/ 36 KB
15 KB 77ms
21ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Requested by: Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: gzip
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
server: nginx
etag: W/"662a3514-9116"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 custom
jouteetu.net/ 0
0 108ms
50ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sw-check-permissions-69972.js
kuchawi.com/ 0
392 B 216ms
215ms Other
application/x-javascript 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/sw-check-permissions-69972.js?zoneId=6911916

Requested by

Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 15 Jan 2024 17:17:42 GMT
server: LiteSpeed
etag: "236-65a568b6-dfa03a2e249e2912;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 243
expires: Fri, 10 May 2024 22:35:15 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 84ms
29ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
beevakum.net/ 0
365 B 32ms
29ms Ping
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beevakum.net/zone?&pub=0&zone_id=6911916&is_mobile=false&domain=kuchawi.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=7d6fc17e-4047-4a92-998e-3cd6c1608bff&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3LjExOCJ9LHsiYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNC4wLjYzNjcuMTE4In0seyJicmFuZCI6Ik5vdC1BLkJyYW5kIiwidmVyc2lvbiI6Ijk5LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 39edc5ac1a26c79773f498d6e83d11e9
date: Fri, 03 May 2024 22:35:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://kuchawi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 84ms
30ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 105ms
51ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 87ms
23ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=6911916&checkDuplicate=true&ymid=&var=&source=pusher

Requested by

Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3c174ce588b90d7ee3c9a452311c33cf6ab2ce73bea15dc83b7a1ff4dfc7bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kuchawi.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 106ms
52ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 86ms
49ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
beevakum.net/ 802 B
1 KB 76ms
30ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://beevakum.net/zone?&pub=0&zone_id=6911916&is_mobile=false&domain=kuchawi.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=7d6fc17e-4047-4a92-998e-3cd6c1608bff&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3LjExOCJ9LHsiYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNC4wLjYzNjcuMTE4In0seyJicmFuZCI6Ik5vdC1BLkJyYW5kIiwidmVyc2lvbiI6Ijk5LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

402ea760d83b31070fad94b61281f329e9fee82f88e55f7bc54533a7b2d8e9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: a5c38b161ac0ba9d669ca8a495bd1f13
date: Fri, 03 May 2024 22:35:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kuchawi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 802

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 121ms
52ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7075811216414248

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

247003ebfcf20855f0e7a6f9535ced05e1d01b05fd764f6092c127790b04d0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Origin: https://kuchawi.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51530
x-xss-protection: 0
server: cafe
etag: 12405218361455583231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 03 May 2024 22:35:15 GMT

GET
H2 200 style.min.css
kuchawi.com/wp-includes/css/dist/block-library/ 111 KB
14 KB 173ms
173ms Stylesheet
text/css 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 28 Apr 2024 01:08:13 GMT
server: LiteSpeed
etag: "1bae5-662da17d-c22355c22012f915;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 13792
expires: Fri, 10 May 2024 22:35:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1004 B 103ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 May 2024 20:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 May 2024 22:35:15 GMT

GET
H2 200 style.css
kuchawi.com/wp-content/themes/iconic-one/ 39 KB
9 KB 180ms
179ms Stylesheet
text/css 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-content/themes/iconic-one/style.css?ver=2.4

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

93dca70cd508572b315e1b5df37691ef1b77c91e49a881cc0c5478bc0983cc42

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 26 Jul 2023 04:23:56 GMT
server: LiteSpeed
etag: "9d9c-64c09fdc-a90dafc29c31b648;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 9018
expires: Fri, 10 May 2024 22:35:15 GMT

GET
H2 200 custom.css
kuchawi.com/wp-content/themes/iconic-one/ 69 B
128 B 181ms
180ms Stylesheet
text/css 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-content/themes/iconic-one/custom.css?ver=6.5.2

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

14b9bdc15584540d4e072ff690279f5bc8b15df337b227115bb12af5acb2c704

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 26 Jul 2023 04:23:56 GMT
server: LiteSpeed
etag: "45-64c09fdc-5475e5ffef032e4;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 69
expires: Fri, 10 May 2024 22:35:15 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 94 KB
29 KB 109ms
41ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7d27de7f8d70078009c952cae3977cab8571236ff2b7fc77f93df3452f82fe28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30112
x-xss-protection: 0
server: cafe
etag: 87 / 19846 / m202404300101 / config-hash: 9515076314516486235
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 22:35:15 GMT

GET
H2 200 selectnav.js Show response
kuchawi.com/wp-content/themes/iconic-one/js/ 4 KB
1 KB 178ms
178ms Script
application/x-javascript 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-content/themes/iconic-one/js/selectnav.js?ver=1.0

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 26 Jul 2023 04:23:56 GMT
server: LiteSpeed
etag: "1063-64c09fdc-55669941e67bddea;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1383
expires: Fri, 10 May 2024 22:35:15 GMT

GET
BLOB 200
OK e6ce00b5-b1fc-497d-aa47-0cd998c6eb76
https://kuchawi.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kuchawi.com/e6ce00b5-b1fc-497d-aa47-0cd998c6eb76
Requested by: Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

POST
H2 200 custom
jouteetu.net/ 0
0 22ms
22ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 22ms
21ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/ 452 KB
141 KB 28ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 10:55:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41976
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144216
x-xss-protection: 0
server: cafe
etag: 9149044719003253135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 May 2025 10:55:39 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/ 411 KB
139 KB 130ms
63ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7075811216414248&plah=kuchawi.com&aplac=true&bust=31083289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7075811216414248

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d6ef7af188aefea18c7cc36e3f2d31a3281a4c0860d4d57d251aeca7411073c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142485
x-xss-protection: 0
server: cafe
etag: 15233887116492123746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 03 May 2024 22:35:15 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 114ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://kuchawi.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:39:36 GMT
x-content-type-options: nosniff
age: 10539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 May 2025 19:39:36 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
30 KB 87ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://kuchawi.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:11:44 GMT
x-content-type-options: nosniff
age: 563011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 10:11:44 GMT

GET
H2 200 wp-emoji-release.min.js Show response
kuchawi.com/wp-includes/js/ 18 KB
5 KB 173ms
171ms Script
application/x-javascript 2a02:4780:b:1104:0:2311:54fd:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1104:0:2311:54fd:7 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sun, 28 Apr 2024 01:08:13 GMT
server: LiteSpeed
etag: "4926-662da17d-3844c798fdb0f37c;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 4619
expires: Fri, 10 May 2024 22:35:15 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 513 B
243 B 56ms
56ms Fetch
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=237548316341910&correlator=3354725699639297&eid=31082700%2C31082904&output=ldjh&gdfp_req=1&vrg=202404300101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22966191220%2C300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&sfv=1-0-40&sc=1&abxe=1&dt=1714775715528&lmt=1714775715&adxs=1000&adys=950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fkuchawi.com%2Fwp-content%2Fuploads%2F2022%2F07%2Ftekla_structures_191_64_bitfullrar.pdf&vis=1&psz=297x600&msz=300x600&fws=4&ohw=1600&ga_vid=1373351795.1714775716&ga_sid=1714775716&ga_hid=292901320&ga_fc=false&dlt=1714775715112&idt=398&adks=1221562509&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

bf3689ff2895dc1e78f92f0870816a89f84b35b516b30de139483a9f29d0ff6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kuchawi.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E45 0
0 106ms
32ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://kuchawi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 22:35:15 GMT
expires: Sat, 03 May 2025 22:35:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/ Frame 9749 0
0 87ms
31ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240501/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7075811216414248&plah=kuchawi.com&aplac=true&bust=31083289

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://kuchawi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 14519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 18:33:16 GMT
etag: 5035419970550746386
expires: Fri, 17 May 2024 18:33:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame A1AA 0
0 230ms
182ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7075811216414248&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1714775715&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1080_l%7C236x1080_r&format=0x0&url=https%3A%2F%2Fkuchawi.com%2Fwp-content%2Fuploads%2F2022%2F07%2Ftekla_structures_191_64_bitfullrar.pdf&pra=5&wgl=1&easpi=0&aihb=0&asro=0&saifgks=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1714775715445&bpp=3&bdt=334&idt=205&shv=r20240501&mjsv=m202404300101&ptt=9&saldr=aa&abxe=1&eo_id_str=ID%3D8358250833a80050%3AT%3D1714775715%3ART%3D1714775715%3AS%3DAA-AfjbWFx6upI_3zOTzCzWKHY90&nras=1&correlator=6341238774474&frm=20&pv=2&ga_vid=1373351795.1714775716&ga_sid=1714775716&ga_hid=292901320&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331286%2C31082702%2C95329718%2C95329831%2C95331982%2C31083289%2C95331043&oid=2&pvsid=237548316341910&tmod=1112343124&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://kuchawi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 22:35:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 43ms
40ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404300101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5627139965ec275c3b2cfca6303111f3905f739b0b7ba419e6c47802bae1d46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12400
x-xss-protection: 0

GET
H3 404 favicon.ico
kuchawi.com/ 2 KB
1 KB 194ms
193ms Other
text/html 149.100.151.88
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://kuchawi.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

149.100.151.88 La Courneuve, France, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:16 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Mon, 15 May 2023 14:25:02 GMT
server: LiteSpeed
etag: "999-646240be-f66a45876a54b9b3;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 912

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 194ms
47ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404300101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 03 May 2024 22:35:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C843 0
0 85ms
26ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://kuchawi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 46902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 09:33:34 GMT
expires: Sat, 03 May 2025 09:33:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 custom
jouteetu.net/ 0
0 21ms
21ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: beevakum.net
URL: https://beevakum.net/pfe/current/micro.tag.min.js?z=6911916&sw=/sw-check-permissions-69972.js&nouns=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://kuchawi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 Primary Request 6801597 Show response
oodrampi.com/4/ 33 KB
14 KB 99ms
46ms Document
text/html 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oodrampi.com/4/6801597

Requested by

Host: kuchawi.com
URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0c26250aff742cc186f285bb9edbce422a95cc8ebc6d49945448012c1bcc44df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer: https://kuchawi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Fri, 03 May 2024 22:35:16 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: a5a82a9f1aa1a5ab167aaed3f02929fb

POST
H2 200 sftouch
oodrampi.com/ 2 B
602 B 33ms
33ms Ping
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oodrampi.com/sftouch?userId=0080511a6fb54307e8347e4d85e5b1d1&z=6801597&p_rid=9eda2f91-58af-4d1c-8026-1b67b5e3af97&p_src=sf&branchId=0&rb=Ee_aD1pYjGnX5tjTJalG4u0lLcP87o2hRX3XNN6lL-4O85re5i3kmPM4TQQV1lm0otwzZepOItfaqfHLJvTNAR5V2zqXrg5Vy0lqO6EgPFLa71ww4ksL5Sp4j115shhPZVXFghIWAtsEw4ljkMtCHaJZ_raVeIpoWZK6mQXtJBwSPmDtghqYER2yAahdobmR7ZU-Ba6pMdVdmitJJP9znFI-EikDZ7L_3Ix9ulQV9B6M3cUmGLJCLrV7ZTeITIGrNIPzBTpGdqG_XjFwHpf4_Hki31U1MFXnZURR0VrW8xOjWdK7Yfe-bN-C0xFmZ5XWEm0wMw==

Requested by

Host: oodrampi.com
URL: https://oodrampi.com/4/6801597

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.118"
Referer: https://oodrampi.com/4/6801597
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 790898885e5bf41ff01dc013902ca4e4
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://oodrampi.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 69ms
23ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0080511a6fb54307e8347e4d85e5b1d1&z=6801597&p_rid=9eda2f91-58af-4d1c-8026-1b67b5e3af97&p_src=sf

Requested by

Host: oodrampi.com
URL: https://oodrampi.com/4/6801597

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://oodrampi.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H2 200 add Show response
oodrampi.com/log/ 12 B
382 B 28ms
28ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oodrampi.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9eda2f91-58af-4d1c-8026-1b67b5e3af97

Requested by

Host: oodrampi.com
URL: https://oodrampi.com/4/6801597

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.118"
Content-Type: text/plain;charset=UTF-8
Referer: https://oodrampi.com/4/6801597
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 22:35:16 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://oodrampi.com
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length: 12

GET
H2 204 favicon.ico
oodrampi.com/ 0
150 B 22ms
22ms Other
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oodrampi.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.118"
Referer: https://oodrampi.com/4/6801597
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Fri, 03 May 2024 22:35:16 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 /
oodrampi.com/ 0
0 26ms
26ms Document
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oodrampi.com/?z=6801597&syncedCookie=true&rhd=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://oodrampi.com
Referer: https://oodrampi.com/afu.php?zoneid=6801597&var=6801597&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.118
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "124.0.6367.118"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://oodrampi.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
date: Fri, 03 May 2024 22:35:16 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

GET
H2 204 favicon.ico
oodrampi.com/ 0
0 3ms
3ms Other
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oodrampi.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.118"
Referer: https://oodrampi.com/afu.php?zoneid=6801597&var=6801597&rid=BPTR34PbLD67mf1dYD5JaA%3D%3D&rhd=false&ab2r=0&sf=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=124.0.6367.118
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Fri, 03 May 2024 22:35:16 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
server: nginx
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __ds3dcV__

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.rtmark.net/	1970-01-21 05:05:11	Name: ID Value: 018051547f874c94efb72407efee156f
.kuchawi.com/	1970-01-21 00:38:47	Name: __eoi Value: ID=8358250833a80050:T=1714775715:RT=1714775715:S=AA-AfjbWFx6upI_3zOTzCzWKHY90
oodrampi.com/	1970-01-21 05:05:11	Name: OAID Value: 0080511a6fb54307e8347e4d85e5b1d1
oodrampi.com/	1970-01-21 05:05:11	Name: oaidts Value: 1714775716

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://kuchawi.com/wp-content/uploads/2022/07/tekla_structures_191_64_bitfullrar.pdf Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://kuchawi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://oodrampi.com/4/6801597 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://oodrampi.com/4/6801597 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beevakum.net
ea1211de2941639832da1399411dff8f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
jouteetu.net
kuchawi.com
my.rtmark.net
oodrampi.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
139.45.195.8
139.45.197.239
139.45.197.250
139.45.197.251
142.250.185.130
142.250.186.98
149.100.151.88
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2001
2a02:4780:b:1104:0:2311:54fd:7
0327f3ef13f39681772a7e67f4a97516c7ddf6b76ed717c759600b2ef8d0ed0e
0b161bff030bb7d9d7128fd5902566ab087e590bc341fa81ff07205ae6d31b21
0c26250aff742cc186f285bb9edbce422a95cc8ebc6d49945448012c1bcc44df
14b9bdc15584540d4e072ff690279f5bc8b15df337b227115bb12af5acb2c704
247003ebfcf20855f0e7a6f9535ced05e1d01b05fd764f6092c127790b04d0ae
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c174ce588b90d7ee3c9a452311c33cf6ab2ce73bea15dc83b7a1ff4dfc7bf2c
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
402ea760d83b31070fad94b61281f329e9fee82f88e55f7bc54533a7b2d8e9db
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5627139965ec275c3b2cfca6303111f3905f739b0b7ba419e6c47802bae1d46b
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7d27de7f8d70078009c952cae3977cab8571236ff2b7fc77f93df3452f82fe28
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
93dca70cd508572b315e1b5df37691ef1b77c91e49a881cc0c5478bc0983cc42
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
bf3689ff2895dc1e78f92f0870816a89f84b35b516b30de139483a9f29d0ff6e
d6ef7af188aefea18c7cc36e3f2d31a3281a4c0860d4d57d251aeca7411073c4
d984ca6d8941a42d14d72840922ab456749ffe0fbfc734cd583b8a0b095386fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa74e2efe166bec2fe4d9a036c2de5bab6837a4d6da7c56bf41cc8697edb9d3d
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

oodrampi.com Open in urlscan Pro 139.45.197.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

42 %IPv6

9 Domains

11 Subdomains

13 IPs

4 Countries

549 kBTransfer

1557 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oodrampi.com Open in urlscan Pro
139.45.197.239 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

42 %
IPv6

9
Domains

11
Subdomains

13
IPs

4
Countries

549 kB
Transfer

1557 kB
Size

4
Cookies

43 HTTP transactions
0 data transactions