hunter505.com Open in urlscan Pro
2606:4700:90:0:b518:199c:8a1f:d33b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hunter505.com/
Effective URL:
https://hunter505.com/
Submission: On February 17 via api (February 17th 2022, 7:39:31 am UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 38 HTTP transactions. The main IP is 2606:4700:90:0:b518:199c:8a1f:d33b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hunter505.com.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.

This is the only time hunter505.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:90:... 2606:4700:90:0:b518:199c:8a1f:d33b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:13d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:224... 2600:9000:224a:b400:7:2081:f100:21	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
6	2600:9000:231... 2600:9000:2315:2000:7:56a2:7e40:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	35.183.219.224 35.183.219.224	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400e:80f::200e	15169 (GOOGLE) (GOOGLE)
38	11

4 2606:4700:90:0:b518:199c:8a1f:d33b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hunter505.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:13d7 (United States)

ASN13335 (CLOUDFLARENET, US)

assets-production.bndzgl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:b400:7:2081:f100:21 (United States)

ASN16509 (AMAZON-02, US)

d2tqm71z2plwas.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2315:2000:7:56a2:7e40:21 (United States)

ASN16509 (AMAZON-02, US)

d10j3mvrs1suex.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.183.219.224 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-219-224.ca-central-1.compute.amazonaws.com

stats.zoogletools.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d2tqm71z2plwas.cloudfront.net d10j3mvrs1suex.cloudfront.net	3 MB
7	bndzgl.com assets-production.bndzgl.com — Cisco Umbrella Rank: 157549	279 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	hunter505.com 1 redirects hunter505.com	17 KB
3	zoogletools.net stats.zoogletools.net — Cisco Umbrella Rank: 202550	1 KB
3	gstatic.com fonts.gstatic.com	44 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	36 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1195	580 B
38	9

	Domain	Requested by
7	assets-production.bndzgl.com	hunter505.com assets-production.bndzgl.com
6	d10j3mvrs1suex.cloudfront.net	hunter505.com
6	d2tqm71z2plwas.cloudfront.net	hunter505.com d2tqm71z2plwas.cloudfront.net
5	fonts.googleapis.com	hunter505.com assets-production.bndzgl.com
4	hunter505.com	1 redirects assets-production.bndzgl.com
3	stats.zoogletools.net	hunter505.com stats.zoogletools.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googletagmanager.com	hunter505.com
1	polyfill.io	hunter505.com
38	10

This site contains links to these domains. Also see Links.

Domain
instagram.com
facebook.com
open.spotify.com
itunes.apple.com
distrokid.com
bandzoogle.com

Subject Issuer	Validity	Valid
hunter505.com R3	`2022-02-16` - `2022-05-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
stats.zoogletools.net R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hunter505.com/
Frame ID: 0CCA13633CF8A6579325CC6FFC40FA07
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hunter 505

Page URL History Show full URLs

http://hunter505.com/ HTTP 301
https://hunter505.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

38
Requests

97 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

3537 kB
Transfer

4625 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://instagram.com/iamhunter505

Search URL Search Domain Scan URL

URL: http://facebook.com/iamhunter505

Search URL Search Domain Scan URL

URL: http://open.spotify.com/artist/4ZBjDAODFDakorq3HXaGIy?si=UP55j3duRyaDRvR7TviDuQ

Search URL Search Domain Scan URL

URL: http://itunes.apple.com/us/artist/hunter-505/1455142761

Search URL Search Domain Scan URL

URL: https://distrokid.com/hyperfollow/hunter505/doom
Title: stream now

Search URL Search Domain Scan URL

URL: https://bandzoogle.com/
Title: Powered by Bandzoogle

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hunter505.com/ HTTP 301
https://hunter505.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hunter505.com/
Redirect Chain

http://hunter505.com/
https://hunter505.com/

62 KB
15 KB

1327ms
1086ms

Document
text/html

2606:4700:90:0:b518:199c:8a1f:d33b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hunter505.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

a80897c1fec312e23082763304680f87f77452d00ae82f9171e077d22ce95615

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty
date: Thu, 17 Feb 2022 07:39:25 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=0, public, s-maxage=31556952
etag: W/"5aa32c66fe2bf6c91e95aa1510a7cea0"
last-modified: Wed, 16 Feb 2022 19:04:38 GMT
x-request-id: a95105e925160c7110a0209088f1650a a95105e925160c7110a0209088f1650a
x-runtime: 0.815318
x-content-digest: 3489b3ea79afbe0900e3f40b5a9023a68d45dec3
age: 0
x-rack-cache: miss, store
strict-transport-security: max-age=604800
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self'
x-clacks-overhead: GNU Terry Pratchett
content-encoding: gzip

Redirect headers

Server: openresty
Date: Thu, 17 Feb 2022 07:39:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hunter505.com/
Cache-Control: no-cache
X-Request-Id: 9e9dd76d3444b28e62b6f8a31b68f9de 9e9dd76d3444b28e62b6f8a31b68f9de
X-Runtime: 0.031057
X-Rack-Cache: miss
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Content-Security-Policy: frame-ancestors 'self'
X-Clacks-Overhead: GNU Terry Pratchett

GET
H2 200 application-ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c.css
assets-production.bndzgl.com/assets/usersite/ 313 KB
44 KB 109ms
31ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/usersite/application-ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c.css

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 124618
access-control-request-method: *
vary: Accept-Encoding
content-length: 44490
x-xss-protection: 1; mode=block
x-request-id: 13728c1acb37e36d9871ed78b0786a42
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 15 Feb 2022 17:58:43 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9ebbabd618-MXP
expires: Sun, 15 Feb 2032 07:39:25 GMT

GET
H2 200 billboard-0416d83a.css
assets-production.bndzgl.com/packs/css/usersite/themes/ 111 KB
12 KB 111ms
34ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/packs/css/usersite/themes/billboard-0416d83a.css

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d39202a126bbeffb9cfc9a5a58a37a684113499965579f6b526ccf853621c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 39154
access-control-request-method: *
vary: Accept-Encoding
content-length: 11842
x-xss-protection: 1; mode=block
x-request-id: 1437af5b95ffc746135f20602876ba7d
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 16 Feb 2022 16:00:58 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9ebbacd618-MXP
expires: Sun, 15 Feb 2032 07:39:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 438 B
845 B 49ms
18ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Waiting+for+the+Sunrise&display=swap

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae316882f9fae7b3278dbd1c6f407dab1a179a80e06787befe9a3e9fe0ed184b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:39:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 07:39:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 07:39:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
648 B 50ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@700&display=swap

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f9607ad5e8093eadc0fdc58c6dc119d5ab494c6f6a55b80cee3cb724d12024e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:35:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 07:39:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 07:39:25 GMT

GET
H2 200 stylesheet.css
d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/ 194 B
571 B 60ms
9ms Stylesheet
text/css 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/stylesheet.css
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4aae212aeebdfe4dea264602b4ff3a59b48cb1630a689da6481c253ef583ac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 10:38:37 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Tue, 02 Apr 2019 13:04:08 GMT
server: AmazonS3
age: 680448
etag: "6ad4cf26363970f9b4210fb54579ab7a"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
content-disposition: attachment
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 194
x-amz-cf-id: 8sirWGErf1rtLDM1QTVXet8TmOtDF-PR3HGdWuWQQ2osHh10xmO0AQ==

GET
H2 200 stylesheet.css
d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/ 190 B
566 B 66ms
15ms Stylesheet
text/css 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/stylesheet.css
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9037f791c1441d644c941523d4a4b1fc7036e608a31f09e2d313e5fafd765d2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:07:48 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Tue, 02 Apr 2019 13:13:09 GMT
server: AmazonS3
age: 45098
etag: "9efea9b80442226923c895d1f7de25d5"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public,max-age=31536000
content-disposition: attachment
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 190
x-amz-cf-id: Bqxfhtn1H8zdvNP8PEf8IFSN3A1VcwKP68jQqyITv0AoYSuckmWaDg==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
647 B 50ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ea4eefdb4faf276353ffb9ee18e782dd52df580c93d3fb4bbd8275cfe2a8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 05:41:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 07:39:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 07:39:25 GMT

GET
H2 200 stylesheet.css
d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/ 237 B
563 B 68ms
17ms Stylesheet
text/css 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/stylesheet.css
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96b9f29aaf56686d2c92e3512a7aad469bb2ae0605996ffd2943ebbc23d17453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 19:24:31 GMT
server: AmazonS3
age: 25458
etag: "94a9fbb7d094b7a320ba2bdc81c675d3"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 237
x-amz-cf-id: YuC_rQPlJeZbfBwZS_KHJ7P1afqUxP7UW1TYnzSMH6FiHyTJU891xw==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
709 B 50ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11e54c820599ba4e09c6e7ecc8e8dcafa634bc55e0cb530622e9d835ffadc680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:37:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 07:39:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 07:39:25 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
580 B 71ms
17ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 245442
detected-user-agent: Chrome/98.0.4758
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Mon, 14 Feb 2022 10:57:33 GMT
date: Thu, 17 Feb 2022 07:39:25 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/98.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 application-7c39767fd2a5a1290bbccf72d385a301a2c286f051f17d0b958d117a30f0714d.js Show response
assets-production.bndzgl.com/assets/usersite/ 403 KB
128 KB 122ms
46ms Script
application/javascript 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/usersite/application-7c39767fd2a5a1290bbccf72d385a301a2c286f051f17d0b958d117a30f0714d.js

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c39767fd2a5a1290bbccf72d385a301a2c286f051f17d0b958d117a30f0714d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 133264
access-control-request-method: *
vary: Accept-Encoding
content-length: 130482
x-xss-protection: 1; mode=block
x-request-id: 3668fb3b4ed3aed2fe71d56a2ea6c6ce
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 15 Feb 2022 11:11:59 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9ebbb1d618-MXP
expires: Sun, 15 Feb 2032 07:39:25 GMT

GET
H2 200 usersite-d7e2e752e67012c083f2.js Show response
assets-production.bndzgl.com/packs/js/ 368 KB
75 KB 34ms
34ms Script
application/javascript 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/packs/js/usersite-d7e2e752e67012c083f2.js

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac4e2e0025cec8fb458a78f2a8c3b0c6caa28aac0562b7791ab3f46ac585790d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 730749
access-control-request-method: *
vary: Accept-Encoding
content-length: 76121
x-xss-protection: 1; mode=block
x-request-id: 1052f09853848ad5337a376463d5242a
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 08 Feb 2022 15:40:29 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9efc41d618-MXP
expires: Sun, 15 Feb 2032 07:39:25 GMT

GET
H2 200 usersite-453c18e4.css
assets-production.bndzgl.com/packs/css/ 14 KB
3 KB 106ms
31ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/packs/css/usersite-453c18e4.css

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7c6a263b07b6622ca12043c6081ce6143f25caf44395c64b9cc87a9a04041c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 55478
access-control-request-method: *
vary: Accept-Encoding
content-length: 2524
x-xss-protection: 1; mode=block
x-request-id: ae9c8502730f9339a95ed735654b6dcd
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Wed, 16 Feb 2022 16:00:58 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9ebbafd618-MXP
expires: Sun, 15 Feb 2032 07:39:25 GMT

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/954c5f8ef7d1993624c8d59f7211c0c37ac54c19/original/4-wake-up.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/ 1 MB
1 MB 90ms
43ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/954c5f8ef7d1993624c8d59f7211c0c37ac54c19/original/4-wake-up.jpeg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: 102bfe122d51bec37f2e41ca0a62d4ef2de1bb51339e7bfa4116a0a6c6d7bd06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:46 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NVF1Q02SQXKPGSDRB242S-fra
server: Fly/019f8a95 (2022-02-15)
age: 21099
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Dym0qaQhaDGdAcfWMjvruf4Qtp_QzIpGZ7scoVcfCzqQLH-i0ZnDHw==
x-zoogle-commands: {"base":"u/357171/954c5f8ef7d1993624c8d59f7211c0c37ac54c19/original/4-wake-up.jpeg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/954c5f8ef7d1993624c8d59f7211c0c37ac54c19/original/4-wake-up.jpeg","contentType":"image/webp","ext":"webp","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b%3AW1sicmVzaXplIiwxMzU4XSxbIm1heCJdLFsid2UiXV0%3D/ 248 KB
249 KB 49ms
46ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b%3AW1sicmVzaXplIiwxMzU4XSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: 396dbd14442801e517b595d060dfacf010e0d73e288ba70104f19cb04bbc2956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:45 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NVF2ZHA5F43E7NR1JHFP4-fra
server: Fly/019f8a95 (2022-02-15)
age: 21101
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: I3InHtz56QEuUcVodFRrsqadqm_4JLf0lJcy9z7ds9ibtFaWdLg_OA==
x-zoogle-commands: {"base":"u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b:W1sicmVzaXplIiwxMzU4XSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg","contentType":"image/webp","ext":"webp","commands":[["resize",1358,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b%3AW1sicmVzaXplIiwxMzQwXSxbIm1heCJdLFsid2UiXV0%3D/ 242 KB
243 KB 20ms
17ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b%3AW1sicmVzaXplIiwxMzQwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: c3ce9cf4721b18554abad20e1fbc1bfa68176dfce648d7f6bf1880a1fe7f976e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:44 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NVCFMQK7CZ5HD5XEKV61Q-fra
server: Fly/019f8a95 (2022-02-15)
age: 21101
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: kXr6gp-BcXhTWtrnc2WyjV5h9VVdThvQ-p5tlEzpKE-yZ8WR5tc1cw==
x-zoogle-commands: {"base":"u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg/!!/b:W1sicmVzaXplIiwxMzQwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/af05faaeb0b8cd75b1b850ec7b31b0482b092a83/original/5-love-nightmares.jpg","contentType":"image/webp","ext":"webp","commands":[["resize",1340,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/28e1a5a6050f97c518b089459f4c1187e6663a4b/original/1-doomville.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 110 KB
111 KB 30ms
27ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/28e1a5a6050f97c518b089459f4c1187e6663a4b/original/1-doomville.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: 797a5393145756fd06bb7a2080a30d33e53546af2fe27b4303142c66cedc5996

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:46 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NVF41J0GQHYF3Q9FVMMN4-fra
server: Fly/019f8a95 (2022-02-15)
age: 21099
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: tyuLcFTuslyQBBJOO70L4S0J4WXpH3F7tlJaHMt7B1Xf1tl6wY3ppw==
x-zoogle-commands: {"base":"u/357171/28e1a5a6050f97c518b089459f4c1187e6663a4b/original/1-doomville.jpg/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/28e1a5a6050f97c518b089459f4c1187e6663a4b/original/1-doomville.jpg","contentType":"image/webp","ext":"webp","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/97b87e26135f567c3463d23b255f90599d9f9d2b/original/2-trying-to-connect.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 86 KB
87 KB 20ms
17ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/97b87e26135f567c3463d23b255f90599d9f9d2b/original/2-trying-to-connect.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: c18a821de0d5982cb2166465a332a83c30818da2afb0e6d38b1b63fe1c8d3a0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:44 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NVCPGCBDBEJT8JJ1PQM67-fra
server: Fly/019f8a95 (2022-02-15)
age: 21101
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: jXxsZy8AR4fYXskcuaoTyVibBnytiBekD70vErRdA1jl_0QBwKESDA==
x-zoogle-commands: {"base":"u/357171/97b87e26135f567c3463d23b255f90599d9f9d2b/original/2-trying-to-connect.jpg/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/97b87e26135f567c3463d23b255f90599d9f9d2b/original/2-trying-to-connect.jpg","contentType":"image/webp","ext":"webp","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/u/357171/f4081f2647a812fd327b7d9e4b2c4db284cc6528/original/3-triangle.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/ 38 KB
38 KB 64ms
61ms Image
image/webp 2600:9000:2315:2000:7:56a2:7e40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10j3mvrs1suex.cloudfront.net/u/357171/f4081f2647a812fd327b7d9e4b2c4db284cc6528/original/3-triangle.jpg/!!/b%3AW1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by: Host: hunter505.com
URL: https://hunter505.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2000:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Fly/019f8a95 (2022-02-15) / Express
Resource Hash: b42b455e9440c8a8bcea5d862cb0f4556ad57e5aac5fc5cdfd388c88291d1702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:47:44 GMT
via: 1.1 fly.io, 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
fly-request-id: 01FW2NT8HBVAQ8RNSVGHV6N95B-fra
server: Fly/019f8a95 (2022-02-15)
age: 21102
x-powered-by: Express
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: MFZdKySPlGHs38nhX-OqWB_GaZjd4wIGsphcsRN6wQzusJAh7IYLJA==
x-zoogle-commands: {"base":"u/357171/f4081f2647a812fd327b7d9e4b2c4db284cc6528/original/3-triangle.jpg/!!/b:W1sicmVzaXplIiw2NjBdLFsibWF4Il0sWyJ3ZSJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/357171/f4081f2647a812fd327b7d9e4b2c4db284cc6528/original/3-triangle.jpg","contentType":"image/webp","ext":"webp","commands":[["resize",660,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"}}

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 56ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137892719-1

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d96ee5d4d400a417a8ff1e84f67fa6cd3616526018f7a0069ce065c362bfcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36137
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Feb 2022 07:39:26 GMT

GET
H2 200 usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-production.bndzgl.com/assets/ 67 B
256 B 28ms
28ms Stylesheet
text/css 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 4898383
access-control-request-method: *
vary: Accept-Encoding
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 709329b80269fb4267f5b43380cbc93f
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 03 Aug 2021 13:05:16 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
cf-ray: 6ded5c9f7d0ed618-MXP
expires: Sun, 15 Feb 2032 07:39:26 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 css2
fonts.googleapis.com/ 258 B
316 B 20ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@600&display=swap&text=0123456789

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/css/usersite-453c18e4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

914d45e3ac5c90debd937cc1edbd8dc918451b4a8170020eb05afd03796d3238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets-production.bndzgl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 07:39:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 17 Feb 2022 07:39:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Feb 2022 07:39:25 GMT

GET
H2 200 WBL1rFvOYl9CEv2i1mO6KUW8RKWJ2zoXoz5JsbZX_B4.woff2
fonts.gstatic.com/s/waitingforthesunrise/v14/ 18 KB
18 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/waitingforthesunrise/v14/WBL1rFvOYl9CEv2i1mO6KUW8RKWJ2zoXoz5JsbZX_B4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Waiting+for+the+Sunrise&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03ee8b42e5dcb6f3cb2d1d8f35213daf5804aebbca430894a45936845a34ae68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:56:11 GMT
x-content-type-options: nosniff
age: 6195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18020
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 21:57:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 17 Feb 2023 05:56:11 GMT

GET
H2 200 SegoeUI-Light.woff2
d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/ 18 KB
18 KB 93ms
70ms Font
application/octet-stream 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/SegoeUI-Light.woff2
Requested by: Host: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c93a2f689c74352cf4349b73df78133fe71b92b45bf5ab4116dc9e5cd094990

Request headers

Referer: https://d2tqm71z2plwas.cloudfront.net/user/11468/SegoeUI-Light/stylesheet.css
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:35:30 GMT
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
age: 108236
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 18364
last-modified: Tue, 02 Apr 2019 13:04:08 GMT
server: AmazonS3
etag: "46cb063c1720d606ce1f2a59af44de64"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: QR-RsLuAdUu1E3XKjnCkmvacxKpNutC9WCnh941wuGfdAdLjjvMTtA==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 14:56:27 GMT
x-content-type-options: nosniff
age: 60179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 14:56:27 GMT

GET
H2 200 SegoeUI-Bold.woff2
d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/ 16 KB
16 KB 71ms
48ms Font
application/octet-stream 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/SegoeUI-Bold.woff2
Requested by: Host: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae355d3d4c7637aec83a8d8897a17e969e0c0dc1735eeda7541102ad19b3961a

Request headers

Referer: https://d2tqm71z2plwas.cloudfront.net/user/11471/SegoeUI-Bold/stylesheet.css
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:35:30 GMT
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
age: 108236
x-cache: Hit from cloudfront
content-disposition: attachment
content-length: 16284
last-modified: Tue, 02 Apr 2019 13:13:09 GMT
server: AmazonS3
etag: "0504b0ac8f4afe210d4a0c8c1a452d6a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: RKr2iXH3oE05Ji2r2AuEjLqitjkDKLsNiZW_E11OxFlEIGGy89IUIw==

GET NanumBrushScript.woff2
d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/ 0
0

GET
H2 200 font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-production.bndzgl.com/assets/ 33 KB
18 KB 286ms
245ms Font
application/font-woff 2606:4700::6812:13d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets-production.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/assets/usersite/application-ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13d7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://assets-production.bndzgl.com/assets/usersite/application-ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c.css
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
access-control-request-method: *
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
content-encoding: gzip
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 170d5762e4d0e873079727be1ce8ef53
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead: GNU Terry Pratchett
last-modified: Fri, 21 Jan 2022 04:16:29 GMT
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-security-policy: frame-ancestors 'self'
cf-ray: 6ded5c9fc9baf917-MXP
expires: Sun, 15 Feb 2032 07:39:26 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 stats.js Show response
stats.zoogletools.net/ 2 KB
1 KB 424ms
105ms Script
application/javascript 35.183.219.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/stats.js?v=1

Requested by

Host: hunter505.com
URL: https://hunter505.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.183.219.224 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-219-224.ca-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

7f756b573409469d742597a0085c346279500765f809d3d074e408b914492488

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
last-modified: Thu, 16 Dec 2021 23:32:39 GMT
server: openresty/1.15.8.2
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript

GET
H2 200 NanumBrushScript.woff
d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/ 1 MB
1 MB 29ms
28ms Font
application/font-woff 2600:9000:224a:b400:7:2081:f100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/NanumBrushScript.woff
Requested by: Host: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/stylesheet.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b400:7:2081:f100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7294306571dcef9190b723b9fa7a1b2b176cc17b9ab4c4922b5449bcf361a07a

Request headers

Referer: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/stylesheet.css
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 08:56:17 GMT
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 19:23:15 GMT
server: AmazonS3
age: 81790
etag: "cb054229073343b6cec436bf418c1aab"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 1376812
x-amz-cf-id: q8gp0pDvw_PCFHkNWqSp0EpjljMdcm574Djn8UTCrqcB14zFBzYEtw==

GET
H2 200 badge Show response
hunter505.com/api/cart/ 1 KB
1 KB 173ms
173ms Fetch
text/html 2606:4700:90:0:b518:199c:8a1f:d33b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hunter505.com/api/cart/badge

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/js/usersite-d7e2e752e67012c083f2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

f5f8cff4b618bcba4f59745c018d451fd46a9d3eed8b8eeb1c91384a664b6c98

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hunter505.com/
X-CSRF-Token: P6QG4QUXLxiYVmaTacGosbBYQAJEefs2WaC1gigBMpvEOl5v/dTH+t3kfCcBZIzNvE11Sig/8AymyxcB4UfRnA==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/html

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime: 0.035012
x-clacks-overhead: GNU Terry Pratchett
server: openresty
x-frame-options: DENY
etag: W/"f5f8cff4b618bcba4f59745c018d451f"
x-download-options: noopen
strict-transport-security: max-age=604800
content-type: text/html; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
x-request-id: 3276cd844063b9e21c5b9fb50a54048b, 3276cd844063b9e21c5b9fb50a54048b
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 23ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hunter505.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:06:47 GMT
x-content-type-options: nosniff
age: 149559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13008
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 14:06:47 GMT

GET
H2 200 profile Show response
hunter505.com/go/member/ 17 B
600 B 156ms
156ms Fetch
application/json 2606:4700:90:0:b518:199c:8a1f:d33b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hunter505.com/go/member/profile

Requested by

Host: assets-production.bndzgl.com
URL: https://assets-production.bndzgl.com/packs/js/usersite-d7e2e752e67012c083f2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700:90:0:b518:199c:8a1f:d33b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

openresty /

Resource Hash

06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hunter505.com/
X-CSRF-Token: P6QG4QUXLxiYVmaTacGosbBYQAJEefs2WaC1gigBMpvEOl5v/dTH+t3kfCcBZIzNvE11Sig/8AymyxcB4UfRnA==
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/json

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-runtime: 0.024832
x-clacks-overhead: GNU Terry Pratchett
server: openresty
x-frame-options: DENY
etag: W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options: noopen
strict-transport-security: max-age=604800
content-type: application/json; charset=utf-8
pragma: no-cache
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
x-request-id: c6e61d671465ad8a438d4f61012a7d9a, c6e61d671465ad8a438d4f61012a7d9a
x-rack-cache: miss
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
13ms Script
text/javascript 2a00:1450:400e:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137892719-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hunter505.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5030
date: Thu, 17 Feb 2022 06:15:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 17 Feb 2022 08:15:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 47ms
29ms XHR
text/plain 2a00:1450:400e:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=415661937&t=pageview&_s=1&dl=https%3A%2F%2Fhunter505.com%2F&ul=en-us&de=UTF-8&dt=hunter%20505&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1058323245&gjid=523377522&cid=461413970.1645083566&tid=UA-137892719-1&_gid=1004465727.1645083566&_r=1&gtm=2ou290&z=408177545

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hunter505.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 07:39:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hunter505.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visits
stats.zoogletools.net/ 0
0 117ms
117ms Fetch
application/json 35.183.219.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Requested by

Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.183.219.224 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-219-224.ca-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hunter505.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Feb 2022 07:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: e3b55386c2b942452905121763991eae
x-runtime: 0.011674
referrer-policy: strict-origin-when-cross-origin
server: openresty/1.15.8.2
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: no-cache

OPTIONS
H2 200 visits
stats.zoogletools.net/ 0
0 317ms
106ms Preflight 35.183.219.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.zoogletools.net/visits

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.183.219.224 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-183-219-224.ca-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hunter505.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.15.8.2
date: Thu, 17 Feb 2022 07:39:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-headers: content-type

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2tqm71z2plwas.cloudfront.net
URL: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/NanumBrushScript.woff2

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hunter505.com/	1969-12-31 23:59:59	Name: guid Value: e7647f82-93e5-4948-a2a7-412e0bd69fc6
.hunter505.com/	1970-01-20 18:29:15	Name: _ga Value: GA1.2.461413970.1645083566
.hunter505.com/	1970-01-20 00:59:29	Name: _gid Value: GA1.2.1004465727.1645083566
.hunter505.com/	1970-01-20 00:58:03	Name: _gat_gtag_UA_137892719_1 Value: 1
hunter505.com/	1970-01-20 03:50:51	Name: uid_359292 Value: 1
hunter505.com/	1970-01-20 00:59:29	Name: sid_359292 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://hunter505.com/ Message: Access to font at 'https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/NanumBrushScript.woff2' from origin 'https://hunter505.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d2tqm71z2plwas.cloudfront.net/stock/NanumBrushScript/regular/NanumBrushScript.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-production.bndzgl.com
d10j3mvrs1suex.cloudfront.net
d2tqm71z2plwas.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hunter505.com
polyfill.io
stats.zoogletools.net
www.google-analytics.com
www.googletagmanager.com
d2tqm71z2plwas.cloudfront.net
2600:9000:224a:b400:7:2081:f100:21
2600:9000:2315:2000:7:56a2:7e40:21
2606:4700:90:0:b518:199c:8a1f:d33b
2606:4700::6812:13d7
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:400e:80f::200a
2a00:1450:400e:80f::200e
2a04:4e42:400::282
35.183.219.224
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
03ee8b42e5dcb6f3cb2d1d8f35213daf5804aebbca430894a45936845a34ae68
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
0c93a2f689c74352cf4349b73df78133fe71b92b45bf5ab4116dc9e5cd094990
102bfe122d51bec37f2e41ca0a62d4ef2de1bb51339e7bfa4116a0a6c6d7bd06
11e54c820599ba4e09c6e7ecc8e8dcafa634bc55e0cb530622e9d835ffadc680
1d96ee5d4d400a417a8ff1e84f67fa6cd3616526018f7a0069ce065c362bfcb7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
38d39202a126bbeffb9cfc9a5a58a37a684113499965579f6b526ccf853621c1
396dbd14442801e517b595d060dfacf010e0d73e288ba70104f19cb04bbc2956
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
6a7c6a263b07b6622ca12043c6081ce6143f25caf44395c64b9cc87a9a04041c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7209c26bc245ae1b293f4b9622201b1dc97282229a2e8fcae555f36caa8650e8
7294306571dcef9190b723b9fa7a1b2b176cc17b9ab4c4922b5449bcf361a07a
797a5393145756fd06bb7a2080a30d33e53546af2fe27b4303142c66cedc5996
7c39767fd2a5a1290bbccf72d385a301a2c286f051f17d0b958d117a30f0714d
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7f756b573409469d742597a0085c346279500765f809d3d074e408b914492488
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
89ea4eefdb4faf276353ffb9ee18e782dd52df580c93d3fb4bbd8275cfe2a8db
9037f791c1441d644c941523d4a4b1fc7036e608a31f09e2d313e5fafd765d2f
914d45e3ac5c90debd937cc1edbd8dc918451b4a8170020eb05afd03796d3238
96b9f29aaf56686d2c92e3512a7aad469bb2ae0605996ffd2943ebbc23d17453
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a80897c1fec312e23082763304680f87f77452d00ae82f9171e077d22ce95615
ac4e2e0025cec8fb458a78f2a8c3b0c6caa28aac0562b7791ab3f46ac585790d
ae316882f9fae7b3278dbd1c6f407dab1a179a80e06787befe9a3e9fe0ed184b
ae355d3d4c7637aec83a8d8897a17e969e0c0dc1735eeda7541102ad19b3961a
ae7a79f4a71d015403eb7785c0eb7ba3a66ecdb8231a148b9db9071dbd79f46c
b42b455e9440c8a8bcea5d862cb0f4556ad57e5aac5fc5cdfd388c88291d1702
b4aae212aeebdfe4dea264602b4ff3a59b48cb1630a689da6481c253ef583ac4
b4c9b940ff725bf2c2c73932c44d43b5ca6aa4302cd2e0ee6648d80ffa52c3ea
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c18a821de0d5982cb2166465a332a83c30818da2afb0e6d38b1b63fe1c8d3a0b
c3ce9cf4721b18554abad20e1fbc1bfa68176dfce648d7f6bf1880a1fe7f976e
f5f8cff4b618bcba4f59745c018d451fd46a9d3eed8b8eeb1c91384a664b6c98
f9607ad5e8093eadc0fdc58c6dc119d5ab494c6f6a55b80cee3cb724d12024e8

hunter505.com Open in urlscan Pro 2606:4700:90:0:b518:199c:8a1f:d33b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

90 %IPv6

9 Domains

10 Subdomains

11 IPs

4 Countries

3537 kBTransfer

4625 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hunter505.com Open in urlscan Pro
2606:4700:90:0:b518:199c:8a1f:d33b Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

90 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

3537 kB
Transfer

4625 kB
Size

6
Cookies

38 HTTP transactions
4 data transactions