urlscan.io logo urlscan.io
SecurityTrails logo

gestyy.com Open in urlscan Pro
2606:4700:20::681a:99b  Public Scan

Go To Rescan Add Verdict Report
URL: http://gestyy.com/ee22sF
Submission Tags: falconsandbox
Submission: On October 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 40 HTTP transactions. The main IP is 2606:4700:20::681a:99b, located in United States and belongs to CLOUDFLARENET, US. The main domain is gestyy.com.
This is the only time gestyy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 109.206.162.83 50245 (SERVEREL-AS)
2 13.32.118.230 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 13.224.193.75 16509 (AMAZON-02)
6 143.204.98.122 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 162.247.243.147 13335 (CLOUDFLAR...)
1 52.92.130.10 16509 (AMAZON-02)
40 18
4    2606:4700:20::681a:99b (United States)

ASN13335 (CLOUDFLARENET, US)
gestyy.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700:20::ac43:44fa (United States)

ASN13335 (CLOUDFLARENET, US)
static.sh.st
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    109.206.162.83 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 83.162.serverel.net
dendranthe4edm7um.com
ilusors.com
2    13.32.118.230 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-230.fra60.r.cloudfront.net
d3ud741uvs727m.cloudfront.net
2    2600:9000:2251:fc00:b:b271:7c80:21 (United States)

ASN16509 (AMAZON-02, US)
d26adrx9c3n0mq.cloudfront.net
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:56b (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.shorte.st
6    13.224.193.75 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-75.fra2.r.cloudfront.net
kontadequality.xyz
6    143.204.98.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net
microusconvilla.xyz
2    2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2606:4700:20::ac43:4a21 (United States)

ASN13335 (CLOUDFLARENET, US)
ads.shorte.st
1    162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
1    52.92.130.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
webpick-cdn.s3.us-west-2.amazonaws.com
Domain Requested by
6 microusconvilla.xyz gestyy.com
d26adrx9c3n0mq.cloudfront.net
6 kontadequality.xyz d3ud741uvs727m.cloudfront.net
d26adrx9c3n0mq.cloudfront.net
4 gestyy.com gestyy.com
3 static.sh.st gestyy.com
2 freychang.fun d3ud741uvs727m.cloudfront.net
d26adrx9c3n0mq.cloudfront.net
2 d26adrx9c3n0mq.cloudfront.net gestyy.com
kontadequality.xyz
2 d3ud741uvs727m.cloudfront.net gestyy.com
kontadequality.xyz
2 dendranthe4edm7um.com gestyy.com
dendranthe4edm7um.com
2 www.google-analytics.com gestyy.com
www.google-analytics.com
1 webpick-cdn.s3.us-west-2.amazonaws.com d26adrx9c3n0mq.cloudfront.net
1 bam-cell.nr-data.net js-agent.newrelic.com
1 ads.shorte.st static.sh.st
1 js-agent.newrelic.com gestyy.com
1 ilusors.com dendranthe4edm7um.com
1 analytics.shorte.st static.sh.st
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com gestyy.com
1 fonts.googleapis.com gestyy.com
40 18

This site contains links to these domains. Also see Links.

Domain
shorte.st
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
dendranthe4edm7um.com
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
ilusors.com
R3		 2021-09-18 -
2021-12-17		 3 months crt.sh
kontadequality.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
microusconvilla.xyz
Amazon		 2021-09-01 -
2022-09-30		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-16 -
2022-10-15		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh

This page contains 6 frames:

Primary Page: http://gestyy.com/ee22sF
Frame ID: FC3A74D4EF5ED5BCF0FA5689E7D15AC4
Requests: 33 HTTP requests in this frame

Frame: http://kontadequality.xyz/dWR3YjgUBhQPBxRZFURNBwhKRwozQUUkXEYRE1UMRBEBEQ9HUxpMWxkLAgZeBwsZFhYbAQNHCjM9ODR+LQUwU1klDhwtbR5UQy8JIwU0JVwZM0ZWXjodJip5RQgEKkBBPiRQdhgxNVZ5OwNGLX8gKUYDVB0oITZ5QCBGI147IBwubTQMRCxfAjQ1JW4NLDVTbzoJGAd+IyFCLmkwISMYW0cwHwphFyAYKn5EJU4tTxktNBpcHDYbUlssVhMjfxklUlB+OBMUA2sbNhs1eTsqEyVuLDw2Dh1HIi1SCRABRDBUIiYHM2hHIhQxeRowFA5IETUgBlIkMRAuYSFJLjtwIzFHK3lFNCIIXx8wIVsdRyItJWoTNQASVhYIBwZ9IQtSUH49JTU0XDIxBTF5AQw4FX0yPD8wVCIlBwF1HxM/MHoNDi0VSzM3DVYOMTEQLn5HURUzTxlBRSRhRFUWJlZMDCBSXzk9JDNyNlUQCGgeVREECicPL1J1Pj5EJ1wgJVEISxoKB19wAxAFUAlNF04FYg
Frame ID: 836A9CB4D928B991E3FA1E3364226B25
Requests: 2 HTTP requests in this frame

Frame: http://kontadequality.xyz/cGxld1MRDgYabBFRB1EmAgBYUmE2SVcxN0JaBBMhCFUGRD1AARRZMBwDEBM1AgMLA30eCRFSYTYhByMwQCExHBwnKhUvERgAACISBy09AGs1LTQfHyg5ARIFCFwuID8AXzVHGTENLU8iJAArTgUYCAMyOCYoJiY8NSpUIh4nOig6GwcEPyEkByU2RgkhORIlCTU5JzUFFzUuJgVJCCYxFRQ0VAAZNTkjJhExLjwjPxg6JCEKIi1WTgo3PTQiEEFcAyZiGDQmITs0PQ0PNTJdFTEbNlQtNQI1ND0lGjgPHQ81MlwrLgVBHyEyAjpbNjYGNT80Tgk4BEgyFzM9HT8BNl0GMD86OzIbEiopAi1gNCpRNhQXJTUkEiUpIiEaNj1UGzc4KlxHFiEhLzYFRQozNSsWLlQ5BicLPy4bIj0pLwUiDzRGCjE5DTIXFl00MhQXKT0gAjkoJx83Ei4nMhczPlAgBhwuKTUROSsBACsVLScYEDRcETQQIUoPBDweHFgZOD4+EAMKNiscEB8fFg0
Frame ID: 8EEB22D0318397271C33BD9B7691F25E
Requests: 2 HTTP requests in this frame

Frame: http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=9714212&cp.dest_domain=mediafire.com&cp.oid=9714212&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_status=1&cp.vno=1&cp.enc_url=gpH/PHJ66wZHcF46jNJE+lw8QEaPplZAxQvNlAwnzNxU/9wb1HAzQ/37BUBgs9NrjX6hUOcrdFvMdUJKPYw2gQ==&cp.asid=fa4ba51a1ef3648b00ae16f0a3a3d821faf297dc&title=&description=&keywords=&captcha_verified=0
Frame ID: C1D92D91EEF2331EF57E67840EA760B5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 05EE9BB824A9C1F68C148A2095A3B3F9
Requests: 1 HTTP requests in this frame

Frame: https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Frame ID: D5DF2193BD32D0B58A07213FB44BF52D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Earn money on short links. Make short links and earn the biggest money - shorte.stsawssad-ninja-vector-full-export-v2

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

40
Requests

53 %
HTTPS

59 %
IPv6

16
Domains

18
Subdomains

18
IPs

3
Countries

383 kB
Transfer

774 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ee22sF
gestyy.com/ 		72 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u13
Resource Hash
8b22d427ce1dc57caab4d8d6059ebde5040c2c89440ad50e87c5110f6a5cafb1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
gestyy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u13
Set-Cookie
PHPSESSID=tt3taelcpe2rflsbp40k8algs6; expires=Thu, 21-Oct-2021 23:41:20 GMT; Max-Age=3600; path=/; domain=.shorte.st; HttpOnly hl=en; expires=Fri, 21-Oct-2022 22:41:20 GMT; Max-Age=31536000; path=/ cookies-enable=1; path=/; httponly
Cache-Control
no-cache
X-Frame-Options
DENY
X-Server-ID
shn10
X-UA-Compatible
IE=Edge
Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xG9PEzOnw5v%2BVVNmjwt7H3KhdvXBnSvOODtfwUJVo%2Fa92NbIMdfitGrmzP6Ra1W433MFJAVjL6X0HJkx1SEJ%2BvNdgJs71mTt%2FrPtr0P1L%2BiwbXP8cxKtw15c5dTuF2Dfs0WoROEITk%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6a1dfe24d8e4073e-FRA
Content-Encoding
gzip
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 21:40:24 GMT
server
ESF
date
Thu, 21 Oct 2021 22:41:20 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 21 Oct 2021 22:41:20 GMT
tracking.gif
gestyy.com/bundles/advertisement/img/ 		0
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gestyy.com/bundles/advertisement/img/tracking.gif?test=fa4ba51a1ef3648b00ae16f0a3a3d821faf297dc
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gestyy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://gestyy.com/ee22sF
Cookie
hl=en; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/ee22sF
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
0
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 19 Feb 2020 11:57:41 GMT
Server
cloudflare
ETag
"5e4d22b5-0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRYpQ7hpS2tPjz%2Fc3Tf6rkYdZNzaQXI9KEfj4SkdYrjuvje4BGeWzbD5tACZW75RH1bDCb9mI6c9xeYV4iDnry9tVHs4mzMNrgFat19zgpDkFu0SCiRm5%2FgkmWbYE3NevE%2F1cFXxOTw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn12
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a1dfe25f9d4073e-FRA
advertisement-tracking-9714212.gif
gestyy.com/bundles/smeweb/img/ 		43 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gestyy.com/bundles/smeweb/img/advertisement-tracking-9714212.gif?t=1634856080
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gestyy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://gestyy.com/ee22sF
Cookie
hl=en; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/ee22sF
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2By%2B1bjjRmm%2B0U4HErG3kHz59%2FUi%2FTNQ3302B%2BbgEc%2B8uCqFr6HTCSp9IDzTCPhc5C0zTokgRJ0%2FhaDfn6UUADta2oYgbU28UsPaGsalb3Fu0TxW%2FM16chL7X5JwOZ%2FrFQTzbiuWiIE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn13
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a1dfe263a12073e-FRA
tracking-9714212.gif
gestyy.com/bundles/smeweb/img/ 		43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://gestyy.com/bundles/smeweb/img/tracking-9714212.gif?t=1634856080
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::681a:99b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gestyy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://gestyy.com/ee22sF
Cookie
hl=en; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/ee22sF
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Content-Length
43
X-UA-Compatible
IE=Edge
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaYiFatTGWWzn8wYFRV6AHZf9oTOWUBAQjq6Of%2Bpyc7oGN071r5OcoIVcnonxQdrbjlFJFgtPD7phSorQyyfXtZeAiSqcpT5Fxp9JjWAxa8QkyDA4Y7LTtCGhBI9BebqDZV3pMgSKts%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn06
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
6a1dfe2639a7704b-FRA
logo1707.png
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2020-02-19.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
43546
Connection
keep-alive
Content-Length
6226
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 17 Jul 2015 13:29:04 GMT
Server
cloudflare
ETag
"55a90320-1852"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h921R7lCJwQJaJWduizy8oKDSgI1v8v40RJsJsqpvI8bH76cZcMC7ofDjkWAJ1FV7c6oRug9%2BDfb9VzwJ%2BSm0aEQquc36pXdmmPoe9fZnfnBUpSQQzKHdDBehHo7CMP8Gw%2FIs1%2F1dDasQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn10
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
6a1dfe263c4496aa-FRA
Expires
Fri, 22 Oct 2021 10:35:34 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
6863
date
Thu, 21 Oct 2021 20:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Thu, 21 Oct 2021 22:46:57 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
interstitial-page.js
static.sh.st/js/packed/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bfd84441ea51484204c8ca64bfd0dd137c5c95e236c32fd380da19ab00510b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
34136
Cf-Polished
origSize=68001
Transfer-Encoding
chunked
Connection
keep-alive
X-UA-Compatible
IE=Edge
Expires
Fri, 22 Oct 2021 13:12:24 GMT
Last-Modified
Wed, 19 Feb 2020 11:58:09 GMT
Server
cloudflare
ETag
W/"5e4d22d1-109a1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4c%2F%2FO0ujTfeklsf4PgsMKwOEbVmCJV6neaxoLHb9fR8Hi84pdK%2FyHRf3Vje7CkhtRVMg776aJniTP0ytkvqQne6OMHPqEzbm4luyPDP297FPRJY4RL0iIu35oL%2FUwloKo1kJMNBss9HJg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Server-ID
shn06
Cache-Control
max-age=86400
CF-RAY
6a1dfe26388b4d84-FRA
Cf-Bgj
minify
c99e662a.js
dendranthe4edm7um.com/aas/r45d/vki/1873131/ 		68 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dendranthe4edm7um.com/aas/r45d/vki/1873131/c99e662a.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5ed345cf672537b57dc063136eaac185ba9530cd18424d8e5f9918cfbf198384

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 11:40:30 GMT
Server
nginx
ETag
W/"616eaeae-111e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
/
d3ud741uvs727m.cloudfront.net/ 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
13.32.118.230 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-230.fra60.r.cloudfront.net
Software
/
Resource Hash
5f378e175a4187651476b88f14f1650f0938762836e9e1d145a4759da510643b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
35630
Via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Id
g65aXXDT0AjBEi1PptrCe_iPAgKmlvE2RokdkyN2yBXg4fbc88eckg==
/
d26adrx9c3n0mq.cloudfront.net/ 		159 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2600:9000:2251:fc00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91263f8d2fb17cc354c7b3cc4465ffaac954ac709b78c8bef514e70fc89fc559

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Oct 2021 22:41:20 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
48744
Via
1.1 89f400f550feb1d74a18ecb2070103ad.cloudfront.net (CloudFront)
X-Amz-Cf-Id
RfS2GJqAZKuP6_HytIHmMfE8LZXvY711VFwizhXh9El8xWqjDAz_Cg==
gtm.js
www.googletagmanager.com/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SFMWPJ
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0887b9a18f6aa4c3488b99a16a73781348043d96b046068dc66216006de1efe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29510
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Oct 2021 22:41:20 GMT
widget-sprite.png
static.sh.st/bundles/smeweb/img/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.sh.st/bundles/smeweb/img/widget-sprite.png?2020-02-19.0
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:44fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
41887
Connection
keep-alive
Content-Length
84545
X-UA-Compatible
IE=Edge
Last-Modified
Wed, 19 Feb 2020 11:57:41 GMT
Server
cloudflare
ETag
"5e4d22b5-14a41"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mML2faeh7KuO0%2FvRa91HyycFb%2FfmMmjk20nkoNWKAmAdrnf7OWkIVZFb9viFIQT2xswXrWKJG3IpP1lgb8BN8TQHw4q5IXTGKHY%2F6vlgCdqpRx9AF5gGW2hLlEa9DVm7m94o4iH21KEByg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
X-Server-ID
shn01
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
6a1dfe264e9e3140-FRA
Expires
Fri, 22 Oct 2021 11:03:13 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://gestyy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 20:10:53 GMT
x-content-type-options
nosniff
age
268227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 20:10:53 GMT
displayed
analytics.shorte.st/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://analytics.shorte.st/displayed
Protocol
HTTP/1.1
Server
2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-requested-with
Origin
http://gestyy.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Referrer-Policy
same-origin
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfEGvCbuGmH7qhifBv0q0yBEDgnj0aY4ieB%2F%2BVqqotHrpOdJFTCQ03bgYhwyuOYRVAiLvbkKwySUdM%2BEgnEjLJFhg8tOCb3GO%2BdgypvLk22sg5b57WGg3%2FwMoDjJP18PUE%2B6XMX4QP5InnEDmPvAXuI%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6a1dfe2698706937-FRA
Content-Encoding
gzip
displayed
analytics.shorte.st/ 		0
0
1873131
dendranthe4edm7um.com/get/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dendranthe4edm7um.com/get/1873131?zoneid=1873131&jp=_cli7jzpnv2uo7jp5uq9c9u&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=2
Requested by
Host: dendranthe4edm7um.com
URL: http://dendranthe4edm7um.com/aas/r45d/vki/1873131/c99e662a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
45b7ceab34d007ae188e8b35b6f74eec1fe57af7211c2e38f97dfc041aa80983

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
/
ilusors.com/ssp/req/1873131/ 		7 B
190 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ilusors.com/ssp/req/1873131/?pb=9a25ebe1f0de03d58ca4ad5335d4d6801634863280&psp=6K8Box-4GvMlZUJlLK4DHb4Rw7eQMUu1b7-btvjQh-Yxxx6nxreACCPpw4GNnCPLUOHgzW8U6cqzrM-7i9dmaY_SC8lVXdqlAZQTmXt7aiNn9KooybBw55Sh0zKIxgSGaArgw5sVU3vU2oAn3lSbjavOVtbgyWvwsxig5yCislxkrd90mOzVFN1u7bOn0alRS34lq76WyUX6IlBe6dR_dCAN_zSyGSJjBvSkRujv95jCut5zl8v-e1cpoYwrhFkP3oZWwzIEiKJ3QVsRz3nWIweiQNHE2B8NldLgZFVXHpLK_Uo_Mdf4ihUkVpdmFmrnxjZBKfWqrqf2sgmmI17u15uwJJ64ktrmxCAXw-D6fCpD2FtipcFNkNQLg4qxXSAHMxDYBrhVZHMdFv04kFXDaafqp9FnY36wMzaOCnCN0Gll4D5JyoY5Bi4vG_impTmxkJLr21cg4TfMBBldNYssdMIHSVx0NuyzpK635u8NuM3TKs8zHUuB0WVVNm7R4n-0Fv8Ko8ONUwQsY924-8_J-DeFQjxv98VssMrV48c7Jxy48qssh9eAghh6BtTqFmoS8zleVFRp4oW1610c0HJdoKZ7wo6DAyv8MozOmeuSNsHyOHXI0DjLMHWVjMJtO9pE8A==&sp=2&cb=_clbrfnuozis448rsw2zy8h&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24
Requested by
Host: dendranthe4edm7um.com
URL: http://dendranthe4edm7um.com/aas/r45d/vki/1873131/c99e662a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:41:20 GMT
server
nginx
timing-allow-origin
*
content-length
7
content-type
text/javascript
utx
kontadequality.xyz/ 		0
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kontadequality.xyz/utx?cb=33aDDlSBmdzu&top=gestyy.com&tid=716233
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 22:41:20 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
KJzAMQ0_AlJH05wspsaY4VXeYauz14X0UDSqZP3bKzWQzfifBtPOaQ==
MHoNDi0VSzM3DVYOMTEQLn5HURUzTxlBRSRhRFUWJlZMDCBSXzk9JDNyNlUQCGgeVREECicPL1J1Pj5EJ1wgJVEISxoKB19wAxAFUAlNF04FYg
kontadequality.xyz/dWR3YjgUBhQPBxRZFURNBwhKRwozQUUkXEYRE1UMRBEBEQ9HUxpMWxkLAgZeBwsZFhYbAQNHCjM9ODR+LQUwU1klDhwtbR5UQy8JIwU0JVwZM0ZWXjodJip5RQgEKkBBPiRQdhgxNVZ5OwNGLX8gKUYDVB0oITZ5QCBGI147IBwubTQMRC... Frame 836A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kontadequality.xyz/dWR3YjgUBhQPBxRZFURNBwhKRwozQUUkXEYRE1UMRBEBEQ9HUxpMWxkLAgZeBwsZFhYbAQNHCjM9ODR+LQUwU1klDhwtbR5UQy8JIwU0JVwZM0ZWXjodJip5RQgEKkBBPiRQdhgxNVZ5OwNGLX8gKUYDVB0oITZ5QCBGI147IBwubTQMRCxfAjQ1JW4NLDVTbzoJGAd+IyFCLmkwISMYW0cwHwphFyAYKn5EJU4tTxktNBpcHDYbUlssVhMjfxklUlB+OBMUA2sbNhs1eTsqEyVuLDw2Dh1HIi1SCRABRDBUIiYHM2hHIhQxeRowFA5IETUgBlIkMRAuYSFJLjtwIzFHK3lFNCIIXx8wIVsdRyItJWoTNQASVhYIBwZ9IQtSUH49JTU0XDIxBTF5AQw4FX0yPD8wVCIlBwF1HxM/MHoNDi0VSzM3DVYOMTEQLn5HURUzTxlBRSRhRFUWJlZMDCBSXzk9JDNyNlUQCGgeVREECicPL1J1Pj5EJ1wgJVEISxoKB19wAxAFUAlNF04FYg
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
HTTP/1.1
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
898b3f782f98edc787776418c39c0b3cd610b0c6133a33b3882032c032995743

Request headers

Host
kontadequality.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gestyy.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

Content-Type
text/html
Content-Length
1233
Connection
keep-alive
Date
Thu, 21 Oct 2021 22:41:20 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
aMCi61PGUyP8x8jIX7K5_fI2dCjxf8xRr0Sg0aiHLwGy3pkqmKzdzA==
QVpiSFpuZQE7ZxsdMCMUBTYxHgwQGyZ5DBQPMwUWFxwGHBg2PUQ8MyVnVXlsc2lRbiooPl96Y2cpFikuNClfeXwoNAQnZ2csX3l0cXRXe3RwfBY4OyZnU24qNS4OdWt3aVZwb3dqWnhsdmM
microusconvilla.xyz/ 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microusconvilla.xyz/QVpiSFpuZQE7ZxsdMCMUBTYxHgwQGyZ5DBQPMwUWFxwGHBg2PUQ8MyVnVXlsc2lRbiooPl96Y2cpFikuNClfeXwoNAQnZ2csX3l0cXRXe3RwfBY4OyZnU24qNS4OdWt3aVZwb3dqWnhsdmM
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Oct 2021 22:41:20 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Mor3cLXp89n73s-FF9X2lzTk0_qurgr1b_W562jWNNtcsPNrlB3jRg==
x-cache
Miss from cloudfront
utx
kontadequality.xyz/ 		0
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kontadequality.xyz/utx?cb=urbDxAdjh6Uy&top=gestyy.com&tid=928001
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 22:41:20 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
_3rO7e9h8twllx1i5l_e4CfxhrKzjnn7QQjidxBTF1zXpx5c-llYow==
cGxld1MRDgYabBFRB1EmAgBYUmE2SVcxN0JaBBMhCFUGRD1AARRZMBwDEBM1AgMLA30eCRFSYTYhByMwQCExHBwnKhUvERgAACISBy09AGs1LTQfHyg5ARIFCFwuID8AXzVHGTENLU8iJAArTgUYCAMyOCYoJiY8NSpUIh4nOig6GwcEPyEkByU2RgkhORIlCTU5J...
kontadequality.xyz/ Frame 8EEB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kontadequality.xyz/cGxld1MRDgYabBFRB1EmAgBYUmE2SVcxN0JaBBMhCFUGRD1AARRZMBwDEBM1AgMLA30eCRFSYTYhByMwQCExHBwnKhUvERgAACISBy09AGs1LTQfHyg5ARIFCFwuID8AXzVHGTENLU8iJAArTgUYCAMyOCYoJiY8NSpUIh4nOig6GwcEPyEkByU2RgkhORIlCTU5JzUFFzUuJgVJCCYxFRQ0VAAZNTkjJhExLjwjPxg6JCEKIi1WTgo3PTQiEEFcAyZiGDQmITs0PQ0PNTJdFTEbNlQtNQI1ND0lGjgPHQ81MlwrLgVBHyEyAjpbNjYGNT80Tgk4BEgyFzM9HT8BNl0GMD86OzIbEiopAi1gNCpRNhQXJTUkEiUpIiEaNj1UGzc4KlxHFiEhLzYFRQozNSsWLlQ5BicLPy4bIj0pLwUiDzRGCjE5DTIXFl00MhQXKT0gAjkoJx83Ei4nMhczPlAgBhwuKTUROSsBACsVLScYEDRcETQQIUoPBDweHFgZOD4+EAMKNiscEB8fFg0
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
HTTP/1.1
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
0925c7b80180bea83d2c559fcc982ca4c28140f1e01cefe489d0783620e96617

Request headers

Host
kontadequality.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gestyy.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

Content-Type
text/html
Content-Length
1237
Connection
keep-alive
Date
Thu, 21 Oct 2021 22:41:20 GMT
Server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
X-Cache
Miss from cloudfront
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
pzdNrAPhnyhnMLL1UNaK7KvfWXPXrxb0GtfgHVw_VW7Ggz1P-OODdA==
QzFuM1VsDg1AaBICAgAbG11eZwAGdz1rEwFlGX0cIHQGYxQoWkhHPCcMVwFtcwFfFSUqVVMAZ2VCGlIhNkJTAnMqXwhcaGVHUwN7ex9aHWRlRR5SMn4ASEMhN11TAmNwBVYGY3MJXgVsdg
microusconvilla.xyz/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microusconvilla.xyz/QzFuM1VsDg1AaBICAgAbG11eZwAGdz1rEwFlGX0cIHQGYxQoWkhHPCcMVwFtcwFfFSUqVVMAZ2VCGlIhNkJTAnMqXwhcaGVHUwN7ex9aHWRlRR5SMn4ASEMhN11TAmNwBVYGY3MJXgVsdg
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Oct 2021 22:41:20 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
96ma5fbrutsg6d9G5eknzK9vv0FJueqbtHRLiaxAjNFTZUELIMW8dQ==
x-cache
Miss from cloudfront
dFNIdjRbbCsFCSJgEQ5hIxUvJ1MQOx0hYjsQHxJlLhYrPG4YFm4CXRBucUQMRGN5UEQdN3VFBlIgPBdAASB1RAREZG4fWhI8dUQSAm54WAxaZ2ZHEgAjKREJRXU4AkAYbnlAB0BrfUAETGN+TwI
microusconvilla.xyz/ 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://microusconvilla.xyz/dFNIdjRbbCsFCSJgEQ5hIxUvJ1MQOx0hYjsQHxJlLhYrPG4YFm4CXRBucUQMRGN5UEQdN3VFBlIgPBdAASB1RAREZG4fWhI8dUQSAm54WAxaZ2ZHEgAjKREJRXU4AkAYbnlAB0BrfUAETGN+TwI
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 21 Oct 2021 22:41:20 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
BpgZs3d-daNZWefXGNuIqUmn_Zvrk-qbvGMD_xKelE5CdtJXzn4eiA==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1412884461&t=pageview&_s=1&dl=http%3A%2F%2Fgestyy.com%2Fee22sF&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABAAAAAC~&jid=1666767427&gjid=2000269668&cid=348364801.1634856080&uid=9714212&tid=UA-42296749-1&_gid=908346623.1634856080&_r=1&_slc=1&cd2=2020-02-19.0&cd7=9714212&cd5=0&z=285860017
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 22:41:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://gestyy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
freychang.fun/ 		16 B
726 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/?f=ac7ce72fe97f03a5708ebb1e43df2eac
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f88bfbe4598cacfdde604ae70a7ad66d9fed5b0cb729cc5c75729545d4c8143b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://gestyy.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRd8rdYfQO%2BCZY3%2B9mf%2FD6wwfiO%2FiEyMUb9OGkqA04ntHxQptGM52ctM6z7nrLJqXH%2B2%2BwqaEpbruFCffgPb3AVQjMhloFGL6ggxHkKrU7o1conIouZu29dXxHFe2%2BwemxHushhbKrNAnrux"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6a1dfe293cba2b41-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
freychang.fun/ 		15 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/?f=ac7ce72fe97f03a5708ebb1e43df2eac
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708f60c0ce06258c174946aa72bd76aac5e8479b0c4e02bfe6a7aa76c8bd56da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
http://gestyy.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dBmSRZdujB%2BInYCTuoTgysXiFL3G5b5hP9gDqcXeheBg8yc4wXqcJwO9nK17L4YkdxwtijcpEGhe7MoWzWLVt3ZmLcL%2FrB9V6K2FaafpgIsmCT0M16i6D9NKo8je0TXiOAyB%2FeuPgTn%2BsVO"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6a1dfe293cbe2b41-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Y11aDn9hW0gLYSQJC1gjPk1ff2RkX0MKZ3EdUA
d3ud741uvs727m.cloudfront.net/YOVFXaG1aPjkOUk04M1VaCGdlW14fOyQHA0lsHx4ZS2NmUB4ANg1OGUM1alhLVTA5D1AfNDkLUAh3NgwPBGVxHB1WOmoeFVE5LQEETzc2ThhYbDoHF1A9OwlICxdiRl0cY2dAGlA/MwcaSnRlWANNdGVYXAl/Z01ee3RlWB... Frame 836A 		587 B
846 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d3ud741uvs727m.cloudfront.net/YOVFXaG1aPjkOUk04M1VaCGdlW14fOyQHA0lsHx4ZS2NmUB4ANg1OGUM1alhLVTA5D1AfNDkLUAh3NgwPBGVxHB1WOmoeFVE5LQEETzc2ThhYbDoHF1A9OwlICxdiRl0cY2dAGlA/MwcaSnRlWANNdGVYXAl/Z01ee3RlWBpQP2FcSAoTclpdQWdjQUgLYT-YYHVU0IA0PUjgjTV9/ZGRfQwpnclpdETo/HABVdGUrSAthOwEGXHRlWApcMjwHRBxjZwsFSz46DUgLF25bQwl/Y11aDn9hW0gLYSQJC1gjPk1ff2RkX0MKZ3EdUA
Requested by
Host: kontadequality.xyz
URL: http://kontadequality.xyz/dWR3YjgUBhQPBxRZFURNBwhKRwozQUUkXEYRE1UMRBEBEQ9HUxpMWxkLAgZeBwsZFhYbAQNHCjM9ODR+LQUwU1klDhwtbR5UQy8JIwU0JVwZM0ZWXjodJip5RQgEKkBBPiRQdhgxNVZ5OwNGLX8gKUYDVB0oITZ5QCBGI147IBwubTQMRCxfAjQ1JW4NLDVTbzoJGAd+IyFCLmkwISMYW0cwHwphFyAYKn5EJU4tTxktNBpcHDYbUlssVhMjfxklUlB+OBMUA2sbNhs1eTsqEyVuLDw2Dh1HIi1SCRABRDBUIiYHM2hHIhQxeRowFA5IETUgBlIkMRAuYSFJLjtwIzFHK3lFNCIIXx8wIVsdRyItJWoTNQASVhYIBwZ9IQtSUH49JTU0XDIxBTF5AQw4FX0yPD8wVCIlBwF1HxM/MHoNDi0VSzM3DVYOMTEQLn5HURUzTxlBRSRhRFUWJlZMDCBSXzk9JDNyNlUQCGgeVREECicPL1J1Pj5EJ1wgJVEISxoKB19wAxAFUAlNF04FYg
Protocol
HTTP/1.1
Server
13.32.118.230 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-230.fra60.r.cloudfront.net
Software
/
Resource Hash
e5e460242def98c2c31234b394bb785d60480afc7551d47cf53968c23cb53a68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kontadequality.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:20 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA60-P1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
Connection
keep-alive
Content-Length
459
Via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
X-Amz-Cf-Id
l6WHoNhK8ogHt2o_YDJDf1ndYP074evlFOTj2hdQr8LHL-sxkGoyQg==
MbTc0MTkOWFpXBhleUAwAXw8EAQhLXUdeVx0KWlp3P0JAaH8qTlN9VhdfEkVDCQoEF1UMWVMMHwhZVwwIS1ZQUwRZEUBBVgYKQV9dCFFdX1wJEUFQBABYTlhVAVYRA39YGQQUC10fQ1hXCVhDQhxfB1pFHF8HBQEXXRIHcxxfB0NYV1sDEQJ7SAUESQ9ZHh-EDCQx...
d26adrx9c3n0mq.cloudfront.net/ Frame 8EEB 		451 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d26adrx9c3n0mq.cloudfront.net/MbTc0MTkOWFpXBhleUAwAXw8EAQhLXUdeVx0KWlp3P0JAaH8qTlN9VhdfEkVDCQoEF1UMWVMMHwhZVwwIS1ZQUwRZEUBBVgYKQV9dCFFdX1wJEUFQBABYTlhVAVYRA39YGQQUC10fQ1hXCVhDQhxfB1pFHF8HBQEXXRIHcxxfB0NYV1sDEQJ7SAUESQ9ZHh-EDCQxHRF1cGlJWWlAZEgZ3DF4AGgIPSAUEGVIFQ1ldHF90EQMJAV5fVBxfB1NUWgZYHRQLXVRcQ1YAUhEDf1QEGgEXWQIDBhdbBBEDCR5WUlBLBBIGdwxeABoCD0tCCQ
Requested by
Host: kontadequality.xyz
URL: http://kontadequality.xyz/cGxld1MRDgYabBFRB1EmAgBYUmE2SVcxN0JaBBMhCFUGRD1AARRZMBwDEBM1AgMLA30eCRFSYTYhByMwQCExHBwnKhUvERgAACISBy09AGs1LTQfHyg5ARIFCFwuID8AXzVHGTENLU8iJAArTgUYCAMyOCYoJiY8NSpUIh4nOig6GwcEPyEkByU2RgkhORIlCTU5JzUFFzUuJgVJCCYxFRQ0VAAZNTkjJhExLjwjPxg6JCEKIi1WTgo3PTQiEEFcAyZiGDQmITs0PQ0PNTJdFTEbNlQtNQI1ND0lGjgPHQ81MlwrLgVBHyEyAjpbNjYGNT80Tgk4BEgyFzM9HT8BNl0GMD86OzIbEiopAi1gNCpRNhQXJTUkEiUpIiEaNj1UGzc4KlxHFiEhLzYFRQozNSsWLlQ5BicLPy4bIj0pLwUiDzRGCjE5DTIXFl00MhQXKT0gAjkoJx83Ei4nMhczPlAgBhwuKTUROSsBACsVLScYEDRcETQQIUoPBDweHFgZOD4+EAMKNiscEB8fFg0
Protocol
HTTP/1.1
Server
2600:9000:2251:fc00:b:b271:7c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb9465d64650993ae1a28a57001e912cb85a33a375b4da32a9d1e59cdc814c9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kontadequality.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:21 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA60-P3
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
361
Via
1.1 89f400f550feb1d74a18ecb2070103ad.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Ar08GoN15KuZJDmH5L6InjNPTgLx4RYBNI-zX8831lbGSjYeRkXSgg==
nr-1211.min.js
js-agent.newrelic.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1211.min.js
Requested by
Host: gestyy.com
URL: http://gestyy.com/ee22sF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding
gzip
etag
"3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id
14R0NFQS9PQAR023
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12477
x-amz-id-2
+snQOstdnQhnlCWva/rU7dBf3e9wzJPyI+Pr+TX41Llvs58SsWjGL8TICmfEmSQgXX8970F7aWY=
x-served-by
cache-fra19142-FRA
last-modified
Mon, 27 Sep 2021 20:46:50 GMT
server
AmazonS3
x-timer
S1634856081.032324,VS0,VE0
date
Thu, 21 Oct 2021 22:41:21 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2039
notify.php
ads.shorte.st/ Frame C1D9 		0
761 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=9714212&cp.dest_domain=mediafire.com&cp.oid=9714212&cp.referrer=&cp.locked=0&cp.proxy=0&cp.quarantine_status=1&cp.vno=1&cp.enc_url=gpH/PHJ66wZHcF46jNJE+lw8QEaPplZAxQvNlAwnzNxU/9wb1HAzQ/37BUBgs9NrjX6hUOcrdFvMdUJKPYw2gQ==&cp.asid=fa4ba51a1ef3648b00ae16f0a3a3d821faf297dc&title=&description=&keywords=&captcha_verified=0
Requested by
Host: static.sh.st
URL: http://static.sh.st/js/packed/interstitial-page.js?2020-02-19.0
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40-0+deb8u13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ads.shorte.st
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://gestyy.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/

Response headers

Date
Thu, 21 Oct 2021 22:41:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40-0+deb8u13
Cache-Control
no-cache
X-Server-ID
shn11
X-UA-Compatible
IE=Edge
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzuI4U66PBa%2Fr1nG%2FtgycJb4UIzOWAPR8%2Fe7ksDrIr4JeL1ecEVW0Jgcyelx5LVF9NYwMiVFLRGb%2FOeeA%2BINC%2BVaWES5jTiqbYEVWr32Ow%2F8Cqz6Utlf3zF5J1WZzjeBIrGSGY1gWiHx8%2Bc%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6a1dfe2a7e29698b-FRA
Content-Encoding
gzip
28e0508023
bam-cell.nr-data.net/1/ 		49 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/28e0508023?a=9451001&v=1211.ba193a8&to=NFRQZUVRChECVxINXA0ec1JDWQsMTEcOC0EXVEFFGVEAFAZGEg1ABlxXX0MeFwoMRhIBQBduR0NbHg0MF1EUF0cKRVtQW28UAwRR&rst=916&ck=1&ref=http://gestyy.com/ee22sF&ap=118&be=185&fe=883&dc=579&perf=%7B%22timing%22:%7B%22of%22:1634856080127,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:6,%22rq%22:6,%22rp%22:163,%22rpe%22:171,%22dl%22:166,%22di%22:579,%22ds%22:579,%22de%22:582,%22dc%22:883,%22l%22:883,%22le%22:887%7D,%22navigation%22:%7B%7D%7D&fp=241&fcp=241&at=GBNTEw1LGR8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:21 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6a1dfe2aa8432b16-FRA
popunder.gif
microusconvilla.xyz/ 		35 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://microusconvilla.xyz/popunder.gif
Protocol
HTTP/1.1
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
public
Date
Thu, 21 Oct 2021 22:41:21 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
X-Amz-Cf-Id
PH1gwQ5AYbNBWBw0YYYqWzwigfdnGTV0rky8tKPY7VmZwQXzhlW3hQ==
TUQ0WWhie1cqVQN2cjY5Ji91Dz54PVEIPhcRfAtcDwJ2CAwVLxItASl5DWtQfXQFfxgkIAlqWms3QDgcODcJa1h9cxIwBisrCWtOO3kEd1BjcBpoTjk0VT5VfGJELRwheQVvW3l8AW9YdXUGblA
microusconvilla.xyz/ 		0
214 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://microusconvilla.xyz/TUQ0WWhie1cqVQN2cjY5Ji91Dz54PVEIPhcRfAtcDwJ2CAwVLxItASl5DWtQfXQFfxgkIAlqWms3QDgcODcJa1h9cxIwBisrCWtOO3kEd1BjcBpoTjk0VT5VfGJELRwheQVvW3l8AW9YdXUGblA
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Oct 2021 22:41:21 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
DKgin3ohTKc5P4JwWh-ZVKcvb3VLFV1K4OT66cFnwQk6PGCQmfLQhQ==
x-cache
Miss from cloudfront
floater
kontadequality.xyz/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kontadequality.xyz/floater?cs=akxFM0ddeHMDd1h0fQV2WX19BHc&abt=0&red=1&sm=83&k=make%20shorte%20earn%20short%20links%20money&v=0.8.4.1&sts=0&prn=0&emb=0&tid=928001&u=733183981230243&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=http%3A%2F%2Fgestyy.com%2Fee22sF&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td1_oi1_&_Ovm8=1634856081279&crc=1
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
17a0e101e54b2139f2432c594770a518171335a9948220042176effd7ea4016e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 22:41:21 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
848
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id
QkjD8glSePCiBMqNXrNhtnln9Im77k6LfTDt8h8TomHbySpXax8ymw==
multi
kontadequality.xyz/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kontadequality.xyz/multi?cs=MzBBeWoFAXFNXAIAdE5YAwN2Sls&abt=0&red=1&sm=76&k=make%20shorte%20earn%20short%20links%20money&v=1.0.53.1&sts=0&prn=0&emb=0&tid=716233&u=733183981230243&fs=1&ref=http%3A%2F%2Fgestyy.com%2Fee22sF&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&_LAbp=1634856081280&crc=1
Requested by
Host: d3ud741uvs727m.cloudfront.net
URL: http://d3ud741uvs727m.cloudfront.net/?vudud=716233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.75 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-75.fra2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
cffd4f1db3c88574715618af08a289da8b790d7ca95476758395abdb1da10254

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 22:41:21 GMT
content-encoding
gzip
server
openresty/1.17.8.2
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://gestyy.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
text/plain
content-length
1364
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id
1Smjbcnce2ulRp5Yfn4wXNp5J8QttgcliqOikktdKt__BdToGZhlFw==
truncated
/ Frame 05EE 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://gestyy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
S2oFBFwMKCoQUkM7Jx0XHWttBkpDLyYATUNqbRJUDyIsHVgZK20QVgN9cTVeCywvElAKdikDXAl9dDBXGzQvVg4ta3dBDVtpe0AMXG9xQQBeanZACkgufkMXVnZ3XQhILDMSXlNpZQNNGjR+Qg9dbHtGD15gcUoOWg
microusconvilla.xyz/OW5YQ3MWUTswTmtebRknbTQvJh4AVxotJQs3ADA7XSZhKxZeN343Gl1TYXFLCV5pZQNQCmVwQR8dLCIHTB1lcUMJW34qHV8BZXFDCVhoc0YMVn10MFEaLDMAHF0ZZkF/ 		0
213 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://microusconvilla.xyz/OW5YQ3MWUTswTmtebRknbTQvJh4AVxotJQs3ADA7XSZhKxZeN343Gl1TYXFLCV5pZQNQCmVwQR8dLCIHTB1lcUMJW34qHV8BZXFDCVhoc0YMVn10MFEaLDMAHF0ZZkF/S2oFBFwMKCoQUkM7Jx0XHWttBkpDLyYATUNqbRJUDyIsHVgZK20QVgN9cTVeCywvElAKdikDXAl9dDBXGzQvVg4ta3dBDVtpe0AMXG9xQQBeanZACkgufkMXVnZ3XQhILDMSXlNpZQNNGjR+Qg9dbHtGD15gcUoOWg
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-122.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://gestyy.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Oct 2021 22:41:23 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JejYXZitmTcopp03pJh9hoQUzlXhNxwjKuow_HfBCvuXtuUpPiFkwg==
x-cache
Miss from cloudfront
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ 		0
0
getlaid.jpeg
webpick-cdn.s3.us-west-2.amazonaws.com/ Frame D5DF 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg
Requested by
Host: d26adrx9c3n0mq.cloudfront.net
URL: http://d26adrx9c3n0mq.cloudfront.net/?xrdad=928001
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.130.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 22:41:24 GMT
Last-Modified
Thu, 25 Jun 2020 08:18:14 GMT
Server
AmazonS3
x-amz-request-id
DDNAWKT9Y8JVCEQ4
ETag
"e73bda30c82b74c32e5f03e4ed4e4bb1"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9313
x-amz-id-2
NuLZ7Kjsn8LyD6pGvaklxMNghYWPowT/C9B5KAQ9d0Ior/HAsk1QKrp0IU155Shppu4w2E482Hs=
x-amz-meta-s3b-last-modified
20200625T081632Z
truncated
/ Frame D5DF 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D5DF 		814 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.shorte.st
URL
http://analytics.shorte.st/displayed
Domain
webpick-cdn.s3.us-west-2.amazonaws.com
URL
https://webpick-cdn.s3.us-west-2.amazonaws.com/getlaid.jpeg

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require string| GoogleAnalyticsObject function| ga object| dataLayer function| gtag object| app function| bindInfoButtons function| showClickedInfo object| bean function| domready function| reqwest function| Fingerprint object| fuckAdBlock object| google_tag_manager number| l5pppp function| T677 function| w91 function| e677 undefined| handleException function| R3ff function| _cli7jzpnv2uo7jp5uq9c9u object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _clbrfnuozis448rsw2zy8h function| onClickTrigger boolean| zfgloadedpopup number| LAST_CORRECT_EVENT_TIME number| _3397088637 function| fa number| _2706036296 string| a number| refS

10 Cookies

Domain/Path Name / Value
gestyy.com/ Name: hl
Value: en
gestyy.com/ Name: cookies-enable
Value: 1
.gestyy.com/ Name: _ga
Value: GA1.2.348364801.1634856080
.gestyy.com/ Name: _gid
Value: GA1.2.908346623.1634856080
dendranthe4edm7um.com/ Name: UID
Value: 21102117414675f1025a2e4514af4ae7fce2
gestyy.com/ Name:
Value: __test
gestyy.com/ Name: __PPU___PPU_SESSION_URL
Value: %2Fee22sF
ilusors.com/ Name: UID
Value: 2110211741b12dbfceac874a6db54d45d883
.gestyy.com/ Name: _gat
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: cb73cfc5cfa96783

2 Console Messages

Source Level URL
Text
javascript error URL: http://gestyy.com/ee22sF
Message:
Access to XMLHttpRequest at 'http://analytics.shorte.st/displayed' from origin 'http://gestyy.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://analytics.shorte.st/displayed
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.shorte.st
analytics.shorte.st
bam-cell.nr-data.net
d26adrx9c3n0mq.cloudfront.net
d3ud741uvs727m.cloudfront.net
dendranthe4edm7um.com
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
gestyy.com
ilusors.com
js-agent.newrelic.com
kontadequality.xyz
microusconvilla.xyz
static.sh.st
webpick-cdn.s3.us-west-2.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
analytics.shorte.st
webpick-cdn.s3.us-west-2.amazonaws.com
109.206.162.83
13.224.193.75
13.32.118.230
143.204.98.122
151.101.2.137
162.247.243.147
2600:9000:2251:fc00:b:b271:7c80:21
2606:4700:20::681a:56b
2606:4700:20::681a:99b
2606:4700:20::ac43:44fa
2606:4700:20::ac43:4a21
2606:4700:3030::ac43:dadd
2a00:1450:4001:800::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
52.92.130.10
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
0925c7b80180bea83d2c559fcc982ca4c28140f1e01cefe489d0783620e96617
17a0e101e54b2139f2432c594770a518171335a9948220042176effd7ea4016e
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
45b7ceab34d007ae188e8b35b6f74eec1fe57af7211c2e38f97dfc041aa80983
4bfd84441ea51484204c8ca64bfd0dd137c5c95e236c32fd380da19ab00510b4
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
5ed345cf672537b57dc063136eaac185ba9530cd18424d8e5f9918cfbf198384
5f378e175a4187651476b88f14f1650f0938762836e9e1d145a4759da510643b
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
708f60c0ce06258c174946aa72bd76aac5e8479b0c4e02bfe6a7aa76c8bd56da
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87eb4c9fa2bd3a95f29b584d8c1154e5d2c137ccbbc8572dedc6218beefa656f
898b3f782f98edc787776418c39c0b3cd610b0c6133a33b3882032c032995743
8b22d427ce1dc57caab4d8d6059ebde5040c2c89440ad50e87c5110f6a5cafb1
91263f8d2fb17cc354c7b3cc4465ffaac954ac709b78c8bef514e70fc89fc559
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffd4f1db3c88574715618af08a289da8b790d7ca95476758395abdb1da10254
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e0887b9a18f6aa4c3488b99a16a73781348043d96b046068dc66216006de1efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e460242def98c2c31234b394bb785d60480afc7551d47cf53968c23cb53a68
e6a18e81d67bc6cfadbe2c86c78b99c0e01644cdeafb48144663121b629ea227
f88bfbe4598cacfdde604ae70a7ad66d9fed5b0cb729cc5c75729545d4c8143b
fb9465d64650993ae1a28a57001e912cb85a33a375b4da32a9d1e59cdc814c9e
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001