Submitted URL: http://jojo--castle.ahlamontada.net/
Effective URL: https://jojo--castle.ahlamontada.net/
Submission Tags: falconsandbox
Submission: On January 26 via api from US

Summary

This website contacted 23 IPs in 7 countries across 20 domains to perform 86 HTTP transactions. The main IP is 94.23.159.185, located in London, United Kingdom and belongs to OVH, FR. The main domain is jojo--castle.ahlamontada.net.
TLS certificate: Issued by R3 on January 17th 2021. Valid for: 3 months.
This is the only time jojo--castle.ahlamontada.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 94.23.159.185 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
8 51.158.29.13 12876 (Online SAS)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
17 199.232.137.44 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 13.224.102.127 16509 (AMAZON-02)
9 139.45.196.146 9002 (RETN-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 108.128.92.197 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 139.45.195.198 9002 (RETN-AS)
3 151.101.13.44 54113 (FASTLY)
86 23
Domain Requested by
16 2img.net jojo--castle.ahlamontada.net
10 images.taboola.com jojo--castle.ahlamontada.net
9 pushmono.com jojo--castle.ahlamontada.net
pushmono.com
8 choices.consentframework.com jojo--castle.ahlamontada.net
choices.consentframework.com
6 cdn.taboola.com jojo--castle.ahlamontada.net
cdn.taboola.com
5 api.viglink.com cdn.viglink.com
5 illiweb.com jojo--castle.ahlamontada.net
4 i.servimg.com jojo--castle.ahlamontada.net
4 jojo--castle.ahlamontada.net 1 redirects jojo--castle.ahlamontada.net
2 trc.taboola.com cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com jojo--castle.ahlamontada.net
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 cdn.betgorebysson.club pushmono.com
1 gum.criteo.com static.criteo.net
1 www.google.de jojo--castle.ahlamontada.net
1 www.google.com jojo--castle.ahlamontada.net
1 stats.g.doubleclick.net www.google-analytics.com
1 connect.topicit.net jojo--castle.ahlamontada.net
1 cdn.viglink.com jojo--castle.ahlamontada.net
1 adstune.com jojo--castle.ahlamontada.net
1 static.criteo.net jojo--castle.ahlamontada.net
1 cache.consentframework.com jojo--castle.ahlamontada.net
1 ajax.googleapis.com jojo--castle.ahlamontada.net
0 psd.phishing-site.www Failed jojo--castle.ahlamontada.net
86 26
Subject Issuer Validity Valid
*.ahlamontada.net
R3
2021-01-17 -
2021-04-17
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
illiweb.com
Cloudflare Inc ECC CA-3
2020-08-16 -
2021-08-16
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-24 -
2021-07-24
a year crt.sh
choices.consentframework.com
R3
2020-12-02 -
2021-03-02
3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-17 -
2021-02-14
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
2img.net
Cloudflare Inc ECC CA-3
2020-07-04 -
2021-07-04
a year crt.sh
servimg.com
Cloudflare Inc ECC CA-3
2020-08-17 -
2021-08-17
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
viglink.com
Amazon
2020-12-13 -
2022-01-11
a year crt.sh
pushmono.com
R3
2020-12-22 -
2021-03-22
3 months crt.sh
topicit.net
Cloudflare Inc ECC CA-3
2020-09-04 -
2021-09-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-17 -
2021-02-14
3 months crt.sh
betgorebysson.club
R3
2021-01-13 -
2021-04-13
3 months crt.sh

This page contains 3 frames:

Primary Page: https://jojo--castle.ahlamontada.net/
Frame ID: 2EF17CF38E9ED030228A8C94828B6EB5
Requests: 79 HTTP requests in this frame

Frame: https://adstune.com/ap/index.php?lang=ar&dim=728x90
Frame ID: 77F4A033A329F1DAD59F481D0F2D3937
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=jojo--castle.ahlamontada.net
Frame ID: ABDA6E6E15929BF2DF8093C6AFC75FCA
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://jojo--castle.ahlamontada.net/ HTTP 301
    https://jojo--castle.ahlamontada.net/ Page URL

Page Statistics

86
Requests

99 %
HTTPS

64 %
IPv6

20
Domains

26
Subdomains

23
IPs

7
Countries

930 kB
Transfer

2597 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jojo--castle.ahlamontada.net/ HTTP 301
    https://jojo--castle.ahlamontada.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
jojo--castle.ahlamontada.net/
Redirect Chain
  • http://jojo--castle.ahlamontada.net/
  • https://jojo--castle.ahlamontada.net/
90 KB
15 KB
Document
General
Full URL
https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f7753b567164100080cba6ccd03b9a6f165c5bd7c509e1ad5e547991bd0f1002
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
jojo--castle.ahlamontada.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:20 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-cache, no-store
pragma
no-cache
expires
Tue, 26 Jan 2021 00:00:00 GMT
last-modified
Tue, 26 Jan 2021 07:32:20 GMT
vary
User-Agent
set-cookie
exadd=161166; expires=Tue, 26-Jan-2021 11:32:20 GMT; Max-Age=14400
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
1
access-control-allow-origin
*
content-encoding
gzip

Redirect headers

Date
Tue, 26 Jan 2021 07:32:20 GMT
Content-Length
0
Location
https://jojo--castle.ahlamontada.net/
0-rtl.css
jojo--castle.ahlamontada.net/
134 KB
52 KB
Stylesheet
General
Full URL
https://jojo--castle.ahlamontada.net/0-rtl.css
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
b9db9f4e6546550050d4d5047686ae1e64ce9158e08baceb946ff21bb32289a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Jan 2021 00:00:00 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
content-security-policy
upgrade-insecure-requests
content-length
52627
x-xss-protection
1
x-cache-ma
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/
93 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 05:20:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7937
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jan 2022 05:20:04 GMT
ar.js
illiweb.com/rs3/93/frm/lang/
71 KB
17 KB
Script
General
Full URL
https://illiweb.com/rs3/93/frm/lang/ar.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c60bf145f069a2775bb7674edf120e4348d301f661246218aeacfd1089e5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75794
cf-polished
origSize=72391
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07df34a7d100002ba19dbc7000000001
x-cache-ne
MISS
last-modified
Tue, 19 Jan 2021 09:52:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gCwKt3xTm3KBrkV%2FOszKM6FnSofdW%2BkUOheWB9Yo564ruPKSE5WScTb2rHE2dW3u%2BEN74JeCgkhDggaJeB9efl5iFftFgZ2JyT1cqPx09tcqkZnS1mTrUg%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
MISS
cf-ray
61788a1fbbc12ba1-FRA
expires
Tue, 25 Jan 2022 10:29:07 GMT
ticker.css
illiweb.com/rs3/93/frm/jquery/ticker/
388 B
952 B
Stylesheet
General
Full URL
https://illiweb.com/rs3/93/frm/jquery/ticker/ticker.css
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75795
cf-polished
origSize=390
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07df34a7ce00002ba1a29d1000000001
x-cache-ne
MISS
last-modified
Tue, 27 Aug 2019 14:00:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1KJx1EbZnQpEPLstdqbvorHIWFUErm3ipYw6yYkTZ9QcAghRPneMK9jlmLqI%2FGxblLiB8US4dAQ4sH5y4oNsJEZy4LErHzMAK%2BnTPCV9%2FonakDb0rsoyuQ%3D%3D"}],"group":"cf-nel"}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
MISS
cf-ray
61788a1fbbbf2ba1-FRA
expires
Tue, 25 Jan 2022 10:29:06 GMT
ticker.js
illiweb.com/rs3/93/frm/jquery//ticker/
7 KB
1 KB
Script
General
Full URL
https://illiweb.com/rs3/93/frm/jquery//ticker/ticker.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75794
cf-polished
origSize=8803
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07df34a7cf00002ba1ad0d4000000001
x-cache-ne
MISS
last-modified
Tue, 27 Aug 2019 14:00:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BVodXMnsCG1sR5uzth4eeKKknhqZZZqqRHEw0tfLSgddIuKSnLVGNyp8bfPYaPXzau%2FxE%2B1pPHZhmcQyvRcGd75cOYRsrOQxOImm5m3ZrR27crfnLzaiiw%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
MISS
cf-ray
61788a1fbbc42ba1-FRA
expires
Tue, 25 Jan 2022 10:29:07 GMT
stub
cache.consentframework.com/js/pa/24697/c/IxWav/
3 KB
2 KB
Script
General
Full URL
https://cache.consentframework.com/js/pa/24697/c/IxWav/stub
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:566 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c679280313c63c9cc14fbccb6f86d9f51bff04783cec4c96cdc09850a395a837
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
age
735
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OZRZZy3exsOi%2FIRoYjIKHavXgMjHWEjDIfXikOjGf3nvnMXl0oDGnplGgI1NsrygSb0dJ1xCSuSeTLnMMO0V4N1Lyw8%2FASZT1mkYaf4QYY0MR9jQJMaljDCSb%2FWTKMVy17ismLeSvg%3D%3D"}],"group":"cf-nel"}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-ray
61788a1fb9c2e007-FRA
cf-request-id
07df34a7d00000e00761a8a000000001
cmp
choices.consentframework.com/js/pa/24697/c/IxWav/
621 KB
171 KB
Script
General
Full URL
https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
83657e9081dfeb56e9dd28b560a1295c55fcc457d47966aac11a06705f09991b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
cache-control
private, max-age=3600
server
nginx/1.11.3
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/
115 KB
37 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 11:16:39 GMT
server
nginx
etag
W/"5ff6ed97-1cb87"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 27 Jan 2021 07:32:21 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae4cbfef0fe9ab08d6ff665c0c3aadde623892b28c90288d23ee52d8111950f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39650
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Jan 2021 07:32:21 GMT
jquery.cookie.js
illiweb.com/rs3/93/frm/jquery/cookie/
1011 B
730 B
Script
General
Full URL
https://illiweb.com/rs3/93/frm/jquery/cookie/jquery.cookie.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75798
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07df34a7cf00002ba178377000000001
x-cache-ne
HIT
last-modified
Wed, 09 Sep 2020 09:40:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wOif1H4qe1uapnkv7W9YLDiH9XHhHsUdASsBCn6XqETuqH6KAp7qlcduzTGaYzWC4zifJmT%2FdYNxA68Lf%2Blvq6CBLVGhDSlqpeRz4KF3ozwfcL%2BHwMaIzg%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
HIT
cf-ray
61788a1fbbc62ba1-FRA
expires
Tue, 25 Jan 2022 10:29:03 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
019dd1dc4c1ee8b271bd8a054c25b2516bb34920354ee5995fad3d371a4580da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39431
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 26 Jan 2021 07:32:21 GMT
i_icon_mini_index.gif
2img.net/s/t/16/42/63/
171 B
492 B
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_icon_mini_index.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79506a8f043156e94bba71e9613c89fc7ea4e8c24f3de137c0cd6a938a1a515a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
171
cf-request-id
07df34a89f0000d7096ba2a000000001
last-modified
Sat, 30 Oct 2010 17:24:09 GMT
server
cloudflare
etag
"4ccc54b9-ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xFuyxmrNtlpS7lfY1LyKTeyrDL7B9BznZKh32cTdKO158ptqybJMgBEtUqwi%2B5nPKmcCCdxkI8IvUXOgVnwVMW38n5z9P4c8EZMuGcaHACp3TJRN0Q%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff46d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_icon_mini_register.gif
2img.net/s/t/16/42/63/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_icon_mini_register.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302928586cc71d156bff9a42e7634f480d5b1eae12d0d2bdbe8d43c1fd8005dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1975
cf-request-id
07df34a8a00000d709e33c4000000001
last-modified
Sat, 30 Oct 2010 17:23:45 GMT
server
cloudflare
etag
"4ccc54a1-7b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lCYQaNhaglvWP525GfWoyiCQVD%2BSolo9ZALe%2BNs5wAelL4vnd6Phugt1aDHHL6d5FgsFxfRNAVdL4fJLwxOm2lJuzxlwiGZ9LRTKNogGXuwVpD%2F2rw%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff52d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_icon_mini_login.jpg
2img.net/s/t/16/42/63/
1 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_icon_mini_login.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b070e244ffb520ec6573a3cd2fafda82e4049e7578a9102b22e0e59ff383d9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1169
cf-request-id
07df34a89f0000d7096ab49000000001
last-modified
Fri, 12 May 2017 14:21:42 GMT
server
cloudflare
etag
"5915c4f6-491"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SgLj5p2%2FQ421xtQ7QH0auxHxCKT7onEtyeVJWLYVLzFoijgFwwCFE95w4YUlmCE4ayObHLX7gH0Vs49gLBCK45iwo1l6%2Ft5k77TgFStNjHJsRA7etA%3D%3D"}],"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff4ad709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.marquee.min.js
illiweb.com/rs3/93/frm/jquery/marquee/
4 KB
2 KB
Script
General
Full URL
https://illiweb.com/rs3/93/frm/jquery/marquee/jquery.marquee.min.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75790
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07df34a7f800002ba1902d0000000001
x-cache-ne
HIT
last-modified
Tue, 27 Aug 2019 14:00:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAJCran0otvGT5VI790MoOs6pjzWFmgasTg9tbtb79uhRNIBgu0GJ%2FS6rmtNvNQbnIWaNLqMyYFcJPt0VSdj0YPWPrNNDZpKhTsFRZ%2B94cvv%2Fue8R5VfVg%3D%3D"}],"group":"cf-nel"}
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000
x-cache-pr
HIT
cf-ray
61788a1ffc522ba1-FRA
expires
Tue, 25 Jan 2022 10:29:11 GMT
empty.gif
2img.net/i/
43 B
379 B
Image
General
Full URL
https://2img.net/i/empty.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
951327
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
last-modified
Mon, 09 May 2016 08:45:50 GMT
server
cloudflare
etag
"57304e3e-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WMtKz08X%2BfwBDj9Ck3teL7PFqFGWBx77wJ1ElK4n3UihTQ0ns%2FndjXx9WqWHz6gfCc1%2BBqpgAz0KX2lC%2FJz3P%2BjNz9As0gKe2xXBZUi4MhN9BEFlXw%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
07df34a8a00000d709bb0fc000000001
accept-ranges
bytes
cf-ray
61788a20ff4cd709-FRA
cf-bgj
imgq:100,h2pri
i_vote_rcap.gif
2img.net/s/t/16/42/63/
16 KB
16 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_vote_rcap.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047c5f7cee4056b21e7cc7e8eb710f981228ecabf728e1af87a484c139a46f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16430
cf-request-id
07df34a8a00000d709622e9000000001
last-modified
Sat, 30 Oct 2010 17:23:44 GMT
server
cloudflare
etag
"4ccc54a0-402e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F9cnP%2B4u33GSx0AmDVgW5n0e8LoSa39JplZccZPL6QWoBtAaFeboeFa9kxkAcJP2NzHrA5cpC%2BGE9vv43VO0gGLLZg7%2FT2wPLDHw6PRXk2PCb02g1A%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff50d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_voting_bar.gif
2img.net/s/t/16/42/63/
16 KB
16 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_voting_bar.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047c5f7cee4056b21e7cc7e8eb710f981228ecabf728e1af87a484c139a46f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16430
cf-request-id
07df34a8a00000d709929a1000000001
last-modified
Sat, 30 Oct 2010 17:23:44 GMT
server
cloudflare
etag
"4ccc54a0-402e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xngmr9BlCr9K%2FwLrZTrgqZaTIGArSf4%2FM4HankrcgCNDl2hBA8XPuiNdhGr0jSVxoc%2BslYDfPXWYT4MPKP00NCYac%2B%2Ft7y8rjFmQfnpNgN8QVcsXkg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff4ed709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_vote_lcap.gif
2img.net/s/t/16/42/63/
868 B
1 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_vote_lcap.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedabb4fd5d41462efb04a9b2aa13a14b0abcb2180f2c526615b07233e14897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
868
cf-request-id
07df34a8a10000d709c9a50000000001
last-modified
Sat, 30 Oct 2010 17:23:43 GMT
server
cloudflare
etag
"4ccc549f-364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g6I8VJVX%2FhLmXfdKL23qr894oacgZhwSW5UMejSYb%2Bvwy81c40j2hSdGFn3j4j%2FS9qalV7pZJxbCas8THyAFt3bNeYEA0kcaBjuZHH1hADt9xurfDQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff57d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon_mini_search.gif
2img.net/i/fa/
238 B
1 KB
Image
General
Full URL
https://2img.net/i/fa/icon_mini_search.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
951306
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
238
x-xss-protection
1; mode=block
last-modified
Sat, 01 Jan 2005 00:00:00 GMT
server
cloudflare
etag
"41d5e800-ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mRJ0xjBdGc5V%2FZTZGX%2BL1UxTfZwX573u%2BdFRqPFvuOkwkMkRCsJf91oPhFAmUAxfbeaADCqFFdCdn3EZMbi1XiZEUVEQfqcDpuK%2BhQqb5OGb%2Bd01dA%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
07df34a8a10000d709e78c1000000001
accept-ranges
bytes
cf-ray
61788a20ff59d709-FRA
cf-bgj
imgq:100,h2pri
banner5.png
2img.net/i/fa/banner/ar/
3 KB
3 KB
Image
General
Full URL
https://2img.net/i/fa/banner/ar/banner5.png
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357295512f14a68f281d478951eddc401bb6fe6249a88e4a0a637027caea1da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
951099
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2705
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 10:55:01 GMT
server
cloudflare
etag
"5739a705-a91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9ihWkv53GjeXxkBeZ2WMtwjU4AwcM%2FINf5kK%2Bpe2wrzCXO%2FOYjxmF1X3la84pC4%2F0pBcbuTrztCH9ETPTUS8LY0o851b55Ydyd2cQ1iBGrFhoVFiNw%3D%3D"}],"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
07df34a8a20000d7099facb000000001
accept-ranges
bytes
cf-ray
61788a20ff5bd709-FRA
cf-bgj
imgq:100,h2pri
i_folder_big.gif
2img.net/s/t/16/42/63/
6 KB
6 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_folder_big.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2229ff10738d606a9fbd8a78d7e941738263645adbf1ba5704383d180a7b93aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6074
cf-request-id
07df34a8a20000d7096187c000000001
last-modified
Sat, 30 Oct 2010 17:23:40 GMT
server
cloudflare
etag
"4ccc549c-17ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VMFBpLFJjZTTuiHGW%2Bi%2BMrolat7OOD%2B0ZPA%2FlbZO4jE0ltecwL0OlyqtdiDVM0n4ZFKPKlLWSDqGH57tSYCbSe%2BHA3tDLeYEVVFad8QAv3as%2BsxUBQ%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff5dd709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
w210.jpg
i.servimg.com/u/f65/14/35/09/40/
8 KB
8 KB
Image
General
Full URL
https://i.servimg.com/u/f65/14/35/09/40/w210.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58da3e526747ba7036f53d6801b9222043530d20ea3bb07a1ff214ea01609ca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7933
cf-request-id
07df34a88c00001f1dda1dc000000001
last-modified
Mon, 20 Dec 2010 21:39:29 GMT
server
cloudflare
etag
"4d0fcd11-1efd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wDiLfpd2qW7ljK3mI%2FEpQpqV57T5UFoAMoJ4up154%2By%2B08ZKtMt9hP2rbnHtadGORAr0uHbQ5QPSepWhJXTXc8hSUZeKS4vNP3FYDoe9dXKyR1azQB4gi%2FtO"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61788a20d97c1f1d-FRA
expires
Wed, 26 Jan 2022 07:32:21 GMT
i_folder_new_big.gif
2img.net/s/t/16/42/63/
6 KB
7 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_folder_new_big.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da1026d4038b9675b39b7905f2af935c206f51c65e97c2e423556ccbe4f73ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6566
cf-request-id
07df34a8a40000d709e9301000000001
last-modified
Sat, 30 Oct 2010 17:23:41 GMT
server
cloudflare
etag
"4ccc549d-19a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4bwWEyT3FxCjD8BGbLKTYxUpBnQKoxWWh7QT8Nl8fxtWPqcVM2LV6L9K98b3iRixzpOayQb%2BeiC9fecMAdbPwNg1n6ZlVYytEDv4dg7X5wS8xXo64g%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff61d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_folder_locked_big.gif
2img.net/s/t/16/42/63/
2 KB
2 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_folder_locked_big.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ada048a60ece2f25e0f516c3e52e1adf319fb7a5a93770438e9fee1588c9aff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
cf-request-id
07df34a8a40000d709db3a3000000001
last-modified
Sat, 30 Oct 2010 17:23:41 GMT
server
cloudflare
etag
"4ccc549d-6a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MJm5StzrKoQaeUFa8P%2Bfj8aZEkwP08TtgzMiEmYwM74n2u%2FfmgS8bSUcfY3UDCn%2BGQmLohP%2B680Qdcp1K8TOemIG9ML6ZlN6ISaztr2LJP%2Br4SG%2Bgg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff67d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144347007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5706
date
Tue, 26 Jan 2021 05:57:15 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 26 Jan 2021 07:57:15 GMT
loader.js
cdn.taboola.com/libtrc/forumotion-ar/
99 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6884e2fed15aec01ea96f3c14de6f77a8aa7f750aa8ff075c0e57e1b1e48b1ec

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
HNZZ9SGB6SnzmQdn75HdYoRoPettwbfi
content-encoding
gzip
etag
"91b0e3cabc8f3e81eb1ba5eb5fa392ba"
age
32
x-cache
HIT
content-length
21410
x-amz-id-2
/i+vSYuhp4B/gzauVAdsYKUhGN4cmfx9luDWHEPsrbv3HLUSHY7otnswtN8bkh1gpQg5OIzoYVg=
x-served-by
cache-hhn11572-HHN
last-modified
Thu, 21 Jan 2021 19:31:37 GMT
server
AmazonS3
x-timer
S1611646341.321779,VS0,VE1
date
Tue, 26 Jan 2021 07:32:21 GMT
vary
Accept-Encoding
x-amz-request-id
A3682AE6E1097827
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
54
x-cache-hits
1
i_background.gif
2img.net/s/t/16/42/63/
868 B
1 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_background.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedabb4fd5d41462efb04a9b2aa13a14b0abcb2180f2c526615b07233e14897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
868
cf-request-id
07df34a8a10000d709cb15a000000001
last-modified
Sat, 30 Oct 2010 17:23:42 GMT
server
cloudflare
etag
"4ccc549e-364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6oXyqXcJQYLoQtVwLWXKpj7SpO29trNzajxlDpwmnxftUDlvYLGGAxkOy2fF72F574SBAA75PoRBaMsTM1eXOfOFCUcZJTO%2BoYAVBGyHkhNriDT3pg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff55d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
i_back_catg.gif
2img.net/s/t/16/42/63/
868 B
1 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_back_catg.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedabb4fd5d41462efb04a9b2aa13a14b0abcb2180f2c526615b07233e14897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
868
cf-request-id
07df34a8a10000d70969bb4000000001
last-modified
Sat, 30 Oct 2010 17:23:42 GMT
server
cloudflare
etag
"4ccc549e-364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LPCAXAloGtCyJ3a400aRENyf%2B%2FaUKeXm6cuauFAZC8nTKYHpT1cF5XSpuskKdycA5PWIv5nGpchcUeJykJU8LPaF6V%2BZoh7BxCvW3bdURHdzUwLq9w%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a20ff54d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
uo11.jpg
i.servimg.com/u/f24/13/84/68/50/
8 KB
8 KB
Image
General
Full URL
https://i.servimg.com/u/f24/13/84/68/50/uo11.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79fe19e9f587f6ea1a527cf81099db932707eb58d89668c5508bd8137db4360f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7906
cf-request-id
07df34a88c00001f1d643a4000000001
last-modified
Tue, 26 Oct 2010 17:07:55 GMT
server
cloudflare
etag
"4cc70aeb-1ee2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mve9l6kARZSqK07wFRRhcPwN9OTDeZOPt4rTOEKmVIwJeJNBldwkajN2xode6MeUjCQxl%2BgOlLfmzPPUCjtHMJWM2cjgmPSJHTcBd8TXzg4CdBNZja25F0Vm"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61788a20e97f1f1d-FRA
expires
Wed, 26 Jan 2022 07:32:21 GMT
1q10.jpg
i.servimg.com/u/f65/14/35/09/40/
25 KB
26 KB
Image
General
Full URL
https://i.servimg.com/u/f65/14/35/09/40/1q10.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebaf819983a22f8b76ce2654f94386697b79559b663619c95f43ce48a40a77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25794
cf-request-id
07df34a89600001f1da6864000000001
last-modified
Mon, 20 Dec 2010 21:36:44 GMT
server
cloudflare
etag
"4d0fcc6c-64c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oZcWS%2BjeXzWOhndWmXkTHfFbZmlPfcNajkrzVyCF97FZhawijumusEYe0FreV5MZnfWDhrs9lrhvNVVGdogFHEnXCcohCyIOL0VUsJBnM6d66IN%2FddemTB8T"}]}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61788a20e9ab1f1d-FRA
expires
Wed, 26 Jan 2022 07:32:21 GMT
sprite_icons.png
2img.net/i/fa/
1 KB
2 KB
Image
General
Full URL
https://2img.net/i/fa/sprite_icons.png
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
951322
cf-polished
status=not_needed
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1459
x-xss-protection
1; mode=block
last-modified
Mon, 16 May 2016 11:01:49 GMT
server
cloudflare
etag
"5739a89d-5b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FsYH8T7CDEt7%2Fr4M6lZtCrGDDCCiIJRcG7Y37BX2vm%2FbK8uok9uD0QAVKK1IrN8pWfsp6qF0f%2FslMRJAtPxfydxxK8XFt%2FDjaZzUEclP3vJGxXGl2g%3D%3D"}],"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-request-id
07df34a8a40000d709ecbac000000001
accept-ranges
bytes
cf-ray
61788a20ff69d709-FRA
cf-bgj
imgq:100,h2pri
index.php
adstune.com/ap/ Frame 77F4
0
0
Document
General
Full URL
https://adstune.com/ap/index.php?lang=ar&dim=728x90
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cefd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
adstune.com
:scheme
https
:path
/ap/index.php?lang=ar&dim=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jojo--castle.ahlamontada.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jojo--castle.ahlamontada.net/

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2f4bac5baa3fc6c5d1d6da62f333edf01611646341; expires=Thu, 25-Feb-21 07:32:21 GMT; path=/; domain=.adstune.com; HttpOnly; SameSite=Lax __cf_bm=941e7b411de6a5fb8af7597a4aa8e381f0d3d4ee-1611646341-1800-ASvHbo/N7trGWv0g0eJQiZRtO0bh+C/OvFMzkH/bvyWyh1Yf9VaHyBRAtD5QOCw6RhIhkAy+h7PfQHSpipoJVQg=; path=/; expires=Tue, 26-Jan-21 08:02:21 GMT; domain=.adstune.com; HttpOnly; Secure; SameSite=None
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
x-cache-ne
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
cf-request-id
07df34a8d00000637759a94000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5DOCPJlNOpeWViOmo6O9KXll59o1a8YYqFmrHP%2BtUjnK%2BwGEG6vqtvSnt43z2qTphyU2JnpJAMW0Rna03k1IEyGWTWZR8aeTfzekUQGNtz%2FK6QiqcggIxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61788a214db66377-FRA
content-encoding
br
158.png
i.servimg.com/u/f14/13/64/37/51/
152 B
982 B
Image
General
Full URL
https://i.servimg.com/u/f14/13/64/37/51/158.png
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f53fcc02d46a9fb73290db1420146fa4b278fef5960d4b6dfcec6584b2e8abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
x-xss-protection
1; mode=block
age
6743659
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
152
cf-request-id
07df34a8b900001f1dd224f000000001
last-modified
Wed, 20 Jan 2010 23:49:35 GMT
server
cloudflare
etag
"4b57968f-98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VucuX83F8jsb5XK%2FtTzgTIPAJZYXpAKmTyzvOVK5BvBmA737heewzWT5V9Y0sb36Nx4UnLO4aWwPUueDo%2F8N0qGylwJMHv5JEGVrrjxruwJQ8VDUZ3XKP6Au"}]}
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
61788a212a211f1d-FRA
expires
Tue, 09 Nov 2021 06:18:02 GMT
i_back_title.gif
2img.net/s/t/16/42/63/
868 B
1 KB
Image
General
Full URL
https://2img.net/s/t/16/42/63/i_back_title.gif
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/0-rtl.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaedabb4fd5d41462efb04a9b2aa13a14b0abcb2180f2c526615b07233e14897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/0-rtl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
868
cf-request-id
07df34a8ba0000d709b5b30000000001
last-modified
Sat, 30 Oct 2010 17:23:42 GMT
server
cloudflare
etag
"4ccc549e-364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rr03A5tKuOJMSv7glPbr9O6B0I7QIIlj8lTffk8Ik5LT6TnMGoGtUni6CWg2cdRPVLD25PMXlOKWEFWiY0xP30PIyCi4OLUIVtVWuhc3ZR4IyQT%2Blg%3D%3D"}],"group":"cf-nel"}
content-type
image/gif
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
61788a212fa4d709-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
1138289082_wed5.gif
psd.phishing-site.www/img/gilter/
0
0

vglnk.js
cdn.viglink.com/api/
81 KB
28 KB
Script
General
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.102.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-102-127.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 13:39:15 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
AmazonS3
age
496387
etag
"072eaf64a771815874455704fca9301b"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control
public, max-age=604800
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
28567
x-amz-cf-id
ypNG3xY0hOCwOsgqr2zeIvo3tkLd4uIzZJ0BRaG41z30g3itrNdeGw==
ntfc.php
pushmono.com/
39 KB
11 KB
Script
General
Full URL
https://pushmono.com/ntfc.php?p=2308013
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-9b9e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
connect.js
connect.topicit.net/scripts/
3 KB
2 KB
Script
General
Full URL
https://connect.topicit.net/scripts/connect.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
5670
cf-polished
origSize=5437
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
07df34a9050000dff312a08000000001
last-modified
Tue, 27 Aug 2019 14:04:48 GMT
server
cloudflare
etag
W/"5d653880-153d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rY6lMhe8dA6IWZ%2BKbgCNqVh71E1Jcw4EuxK%2BPrUmBTZ4EXhyV4IQioXSxUEy1tpmgMUYbts52Ux4xOdRg%2Fk2aBCqwidxMDMBLODcsG2VP9E1vU3JoeJvKX1xOGMpGhpo"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=86400
cf-ray
61788a21aae1dff3-FRA
cf-bgj
minify
collect
www.google-analytics.com/j/
2 B
397 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=814137539&t=pageview&_s=1&dl=https%3A%2F%2Fjojo--castle.ahlamontada.net%2F&ul=en-us&de=UTF-8&dt=love-castle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=225102532&gjid=2110535807&cid=487538842.1611646341&tid=UA-144347007-1&_gid=1278978621.1611646341&_r=1&gtm=2ou1d0&z=1668725672
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://jojo--castle.ahlamontada.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
check
choices.consentframework.com/api/v1/public/profile/
17 B
410 B
Fetch
General
Full URL
https://choices.consentframework.com/api/v1/public/profile/check?origin=https://jojo--castle.ahlamontada.net
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jojo--castle.ahlamontada.net
cache-control
private, max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
content-length
17
x-xss-protection
0
impl.20210121-29-RELEASE.js
cdn.taboola.com/libtrc/
460 KB
106 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
48f62f6b1c465270b9ab905b4e02f67b98f1287c410b890d7c65c211dd278738

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
aLK1JFhY4xKz9KaV_4WobHwkAtd7dg_h
content-encoding
br
etag
"548d2037ce8f9241d51587225f28c66a"
age
14527
x-cache
HIT
content-length
108136
x-amz-id-2
aiMvg6/xMt2zxJPJEJhEq193tcN0KTxwNZ9hKbAKpvGr5sydBz74qiF5nQxvcigUxiDXNxD2BWE=
x-served-by
cache-hhn11572-HHN
last-modified
Thu, 21 Jan 2021 19:13:24 GMT
server
AmazonS3-br
x-timer
S1611646341.491450,VS0,VE0
date
Tue, 26 Jan 2021 07:32:21 GMT
vary
Accept-Encoding
x-amz-request-id
AB982B2F2DF09BC5
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
79
x-cache-hits
46167
collect
stats.g.doubleclick.net/j/
4 B
97 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-144347007-1&cid=487538842.1611646341&jid=225102532&gjid=2110535807&_gid=1278978621.1611646341&_u=IEBAAUAAAAAAAC~&z=1803905077
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 26 Jan 2021 07:32:21 GMT
content-type
text/plain
access-control-allow-origin
https://jojo--castle.ahlamontada.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-144347007-1&cid=487538842.1611646341&jid=225102532&_u=IEBAAUAAAAAAAC~&z=2118810319
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-144347007-1&cid=487538842.1611646341&jid=225102532&_u=IEBAAUAAAAAAAC~&z=2118810319
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Jan 2021 07:32:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.viglink.com/api/
260 B
999 B
XHR
General
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-197.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
67b6c0867358e69514a9a9f0e5a2c3b2627ab756b5d19bc66b44de91902d9a4f

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:20 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
260
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user
choices.consentframework.com/api/v1/public/consent-string/
50 B
279 B
Fetch
General
Full URL
https://choices.consentframework.com/api/v1/public/consent-string/user
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
0f364d218d30a942fb697e3c9cb7e2b83a78a3d85aa087610c3a242b8d94c4ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
content-type
content-length
50
expires
Wed, 27 Jan 2021 07:32:21 GMT
zone
pushmono.com/
779 B
1 KB
Fetch
General
Full URL
https://pushmono.com/zone?pub=0&zone_id=2308013&is_mobile=false&domain=jojo--castle.ahlamontada.net&var=&ymid=&var_3=
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2e18eb0d865270d159cbb45984451c218eb0b2f7c8d4a6d10961932531c59c0a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
7868820b63de1c835f0d4c70da502234
Date
Tue, 26 Jan 2021 07:32:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
779
universal.min.js
pushmono.com/pfe/current/
188 KB
54 KB
Fetch
General
Full URL
https://pushmono.com/pfe/current/universal.min.js?v=3.1.281
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-2ef30"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
tcstring
choices.consentframework.com/api/v1/public/v2/
15 B
385 B
Fetch
General
Full URL
https://choices.consentframework.com/api/v1/public/v2/tcstring
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
fcd4c0d68d77fa05f6b07831d9df4c56286788916c40399506d5fcbe87bb4a27
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
server
nginx/1.11.3
strict-transport-security
max-age=15724800; includeSubDomains; preload
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://jojo--castle.ahlamontada.net
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Referer,Origin
content-length
15
x-xss-protection
0
syncframe
gum.criteo.com/ Frame ABDA
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=jojo--castle.ahlamontada.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=jojo--castle.ahlamontada.net
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jojo--castle.ahlamontada.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://jojo--castle.ahlamontada.net/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1271
date
Tue, 26 Jan 2021 07:32:21 GMT
content-length
0
consent-string
choices.consentframework.com/api/v1/public/ Frame
0
0
Other
General
Full URL
https://choices.consentframework.com/api/v1/public/consent-string
Protocol
H2
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://jojo--castle.ahlamontada.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.11.3
date
Tue, 26 Jan 2021 07:32:21 GMT
content-length
0
access-control-allow-headers
content-type
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains; preload
user-action
choices.consentframework.com/api/v1/public/ Frame
0
0
Other
General
Full URL
https://choices.consentframework.com/api/v1/public/user-action
Protocol
H2
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://jojo--castle.ahlamontada.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.11.3
date
Tue, 26 Jan 2021 07:32:21 GMT
content-length
0
access-control-allow-headers
content-type
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains; preload
consent-string
choices.consentframework.com/api/v1/public/
220 B
420 B
Fetch
General
Full URL
https://choices.consentframework.com/api/v1/public/consent-string
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
d4e71fd25de8952be794e7ad0474356e248abf7f647f3a17679ae9880914ee04
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 26 Jan 2021 07:32:21 GMT
server
nginx/1.11.3
access-control-allow-headers
content-type
content-length
220
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
application/json; charset=UTF-8
user-action
choices.consentframework.com/api/v1/public/
0
164 B
Fetch
General
Full URL
https://choices.consentframework.com/api/v1/public/user-action
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/24697/c/IxWav/cmp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-29-13.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 26 Jan 2021 07:32:21 GMT
server
nginx/1.11.3
access-control-allow-headers
content-type
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains; preload
sync.js
api.viglink.com/api/
0
307 B
Script
General
Full URL
https://api.viglink.com/api/sync.js?key=74bad24252620514d1244cfba01f2ee2
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-197.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif
api.viglink.com/api/
0
307 B
Image
General
Full URL
https://api.viglink.com/api/sync.gif?key=74bad24252620514d1244cfba01f2ee2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-197.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
api.viglink.com/api/
41 B
501 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-197.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b33de0df1a6e76eef7bbc5cf8e3d118504968ffaf9f9f924c6761c984c0735b6

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:21 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
apu.php
cdn.betgorebysson.club/
382 B
1 KB
Script
General
Full URL
https://cdn.betgorebysson.club/apu.php?zoneid=3765907
Requested by
Host: pushmono.com
URL: https://pushmono.com/ntfc.php?p=2308013
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.198 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b075cbfb0e162fe79bca75e5d6f4e71649ac1c45821bc4a2fd4b7b45fe524d8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 07:32:21 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
382
X-Trace-Id
af56b7e4338bead190340aecc7f92d73
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
pushmono.com/ Frame
0
0
Other
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://jojo--castle.ahlamontada.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 26 Jan 2021 07:32:21 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushmono.com/ Frame
0
0
Other
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://jojo--castle.ahlamontada.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 26 Jan 2021 07:32:21 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
pushmono.com/
39 B
503 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
4fe98c0a8ee32614407e4a40ab972691
Date
Tue, 26 Jan 2021 07:32:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
pushmono.com/
39 B
503 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
0e911c0b5743e52d1b2e206bf523dd4b
Date
Tue, 26 Jan 2021 07:32:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw.js
jojo--castle.ahlamontada.net/
5 KB
2 KB
Fetch
General
Full URL
https://jojo--castle.ahlamontada.net/sw.js
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.23.159.185 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c995b7be0da1c4593f871757a7951f329e0ac39c21f0bd5bc4cce4cb38b202f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 13:54:01 GMT
etag
W/"5d6535f9-1554"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-xss-protection
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom
pushmono.com/
39 B
503 B
Fetch
General
Full URL
https://pushmono.com/custom
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
f3dd2c06a40ea8e7e15d35b91866fb88
Date
Tue, 26 Jan 2021 07:32:21 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
pushmono.com/ Frame
0
0
Other
General
Full URL
https://pushmono.com/custom
Protocol
HTTP/1.1
Server
139.45.196.146 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://jojo--castle.ahlamontada.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 26 Jan 2021 07:32:21 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
json
trc.taboola.com/forumotion-ar/trc/3/
11 KB
5 KB
XHR
General
Full URL
https://trc.taboola.com/forumotion-ar/trc/3/json?tim=08%3A32%3A26.586&lti=deflated&data=%7B%22id%22%3A171%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1611257492826%2C%22vi%22%3A1611646346583%2C%22cv%22%3A%2220210121-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fjojo--castle.ahlamontada.net%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPAnbc5PAnbc5BcADBENBJCgAAAAAH_AAAZQHKQAAOUgRAALAAeABUADIAHAAQAAqABjADQANQAeAA-gCIAIoATAAngBWAC-AGIAOYAhABSgD9AIGAQgApYBVwC6gGBANoAeQBHoCYgF5gMkAcoAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4569%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-desktop-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Desktop%20Forum%20Thumbnails%22%2C%22cd%22%3A4529%2C%22mw%22%3A734%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F%2CBelow%20Desktop%20Forum%20Thumbnails%3Dthumbnails-desktop-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
83c1b5a7207f798112f5915040603a37bc61a33862d2ed48878b1e9bd311802f

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
112
date
Tue, 26 Jan 2021 07:32:26 GMT
content-encoding
gzip
server
nginx
x-timer
S1611646347.672175,VS0,VE112
x-served-by
cache-fra19143-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://jojo--castle.ahlamontada.net
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
9 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d21b365aa7968435db31dedd0bf05c3042b07705d57bd5fa67445e1b0ea4d52f

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wKr49QAntPaS84oe_qTozXfrvXHXa3pl
content-encoding
gzip
etag
"ae079525eca1b4210b376960bba03b00"
age
27125
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3121
x-amz-id-2
8yj0yVDj+fw9+GWo4GjLkDjy3cMNeQJANNupTZxRO9ILG58cjm2A1XxteX9mBhnZiDNLRqvFkRE=
x-served-by
cache-hhn11572-HHN
last-modified
Tue, 29 Dec 2020 14:04:13 GMT
server
AmazonS3
x-timer
S1611646347.826438,VS0,VE0
date
Tue, 26 Jan 2021 07:32:26 GMT
vary
Accept-Encoding
x-amz-request-id
BFEAB761AE5662BF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
79
x-cache-hits
300229
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
tcahAQL7SM5vHmChLog9xryayd2KNhUu
content-encoding
gzip
etag
"9e155136143a96e23a99757df9aa3cc8"
age
27193
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
728
x-amz-id-2
myvyttFyuD0RAECG6XwaFlr0imWKSbK5umV9OaYRuNKkL9rCdJnVTO6twCYuTlp7O5VzPnQS5OY=
x-served-by
cache-hhn11572-HHN
last-modified
Sun, 15 Nov 2020 09:20:35 GMT
server
AmazonS3
x-timer
S1611646347.826580,VS0,VE0
date
Tue, 26 Jan 2021 07:32:26 GMT
vary
Accept-Encoding
x-amz-request-id
FQEM0Z9VEQAGFN7R
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
79
x-cache-hits
289041
tb
15.taboola.com/
4 KB
3 KB
Script
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=forumotion-ar&unitType=226&tbloc=&pageType=text&pstn=Below%20Desktop%20Forum%20Thumbnails&uuip=&cisrf=&cirf=https%3A%2F%2Fjojo--castle.ahlamontada.net%2F&encoded=1&uid=130a6dec-a5d8-48ba-98c1-1c6b4cda5ca9-tuct7094b0a&variant=-100|164&callback=TRC.videoTagCallbacks.videoCallback1&cb=1611646346857&tagid=&cntry=DK&platform=1&sesid=f77627c360b9ecead4178f7158e8d7f4&itemid=/&viewid=1611646346583&geolat=&geoing=&deviceifa=&appid=&sd=v2_f77627c360b9ecead4178f7158e8d7f4_130a6dec-a5d8-48ba-98c1-1c6b4cda5ca9-tuct7094b0a_1611646346_1611646346_CNawjgYQ3pxDGNfK7uzzLiABKAEwOjj5twhAnIoQSKeB2QNQhNkMWAFgAGjipqqRsq2X4nA&ri=7f112c35648cdd548d3798c65073cbbc&appname=&cdb=CPAnbc5PAnbc5BcADBENBJCgAAAAAH_AAAZQHKQAAOUgRAALAAeABUADIAHAAQAAqABjADQANQAeAA-gCIAIoATAAngBWAC-AGIAOYAhABSgD9AIGAQgApYBVwC6gGBANoAeQBHoCYgF5gMkAcoAAA&gdprApplies=true&rid=&sii=-7764447088115785453&oee=true&tpubid=1101406&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=81&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1037540
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2c134e0a84a30d001e60079e101d184da8a1b5c9d5737a265561cdc86301081

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:26 GMT
content-encoding
gzip
machineid
1447
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11572-HHN
pragma
no-cache
server
nginx
x-timer
S1611646347.871814,VS0,VE13
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
userx.20210121-29-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210121-29-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/forumotion-ar/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c26d7b5ba0a32c98f4b588f4c4c5eadeefacc437cb2b0493088115db71276e

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
4isFgQRDB8mhrUo.zwDMkk5H79QJY1Ei
content-encoding
gzip
etag
"6aed6577277393f2c56fc52cb6fbc688"
age
90
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7878
x-amz-id-2
Zr6WUYJxkwu6wFwa9MwgEkZqymY+yhvVIKWKi7/WL/mUg2K12dTKpCpihBG4s3Z3idL7fDfnQ08=
x-served-by
cache-hhn11572-HHN
last-modified
Thu, 21 Jan 2021 19:13:20 GMT
server
AmazonS3
x-timer
S1611646347.870712,VS0,VE0
date
Tue, 26 Jan 2021 07:32:26 GMT
vary
Accept-Encoding
x-amz-request-id
CCA7CB2FDB57C67F
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
79
x-cache-hits
186
e330747f7a3c26a1ebbbe9e37600060e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e330747f7a3c26a1ebbbe9e37600060e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
067f1ccae1b6bd477a9890164ed9a8edb07cf2c98d234b658315547f83d78f04

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
662332
edge-cache-tag
327178511338043844363472135690010555306,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 31 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e330747f7a3c26a1ebbbe9e37600060e.jpg
content-length
12358
x-served-by
cache-dca17729-DCA, cache-dca17723-DCA, cache-hhn11572-HHN
last-modified
Thu, 31 Dec 2020 15:25:12 GMT
server
cloudinary
x-timer
S1611646347.889523,VS0,VE1
etag
"f1cf89c1eed639d9892c0cabd7ea5a4e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
shutterstock-687733339.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/
17 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/shutterstock-687733339.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
dddedba6b71a24bb2d3a855e843b5fc284f5827a43b816893b68ac6583c305ec

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1452305
edge-cache-tag
572471713109185062984918393639711879005,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 30 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/shutterstock-687733339.jpg
content-length
17025
x-served-by
cache-dca17724-DCA, cache-dca17777-DCA, cache-hhn11572-HHN
last-modified
Wed, 30 Dec 2020 10:36:33 GMT
server
cloudinary
x-timer
S1611646347.889505,VS0,VE1
etag
"a9208be1d90510bfe64659a143b44710"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
149260773__FtQbobJX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/149260773__FtQbobJX.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c67de6607c5e286b4107310206b22e37cd0c14d211eac984f272b13cb50e1416

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
345435
edge-cache-tag
541387837773065887178240697324437161370,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 05 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/149260773__FtQbobJX.jpg
content-length
6734
x-served-by
cache-dca17749-DCA, cache-dca17747-DCA, cache-hhn11572-HHN
last-modified
Tue, 05 Jan 2021 19:06:47 GMT
server
cloudinary
x-timer
S1611646347.892377,VS0,VE1
etag
"221175e524878271c8d7f55a8b88f7f0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
4c98f43b493a91ed33846522885b71c7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c98f43b493a91ed33846522885b71c7.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b4297103889650eb7d25df332847d34f04bd1b0328a544af52aad019a196d3a8

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1180831
edge-cache-tag
345634004570111492374557741677704544935,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 05 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c98f43b493a91ed33846522885b71c7.jpg
content-length
5103
x-served-by
cache-dca17766-DCA, cache-dca17776-DCA, cache-hhn11572-HHN
last-modified
Tue, 05 Jan 2021 18:46:16 GMT
server
cloudinary
x-timer
S1611646347.892588,VS0,VE1
etag
"c0cdf961091b5ef1e7c1cbc8275e4dec"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
232b8b7605795f3834fa8af30d6fd2db66283290d38e20966756864e59e74baf

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
164
date
Tue, 26 Jan 2021 07:32:27 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
517036191082211279395065741219752235086,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 30 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
content-length
16424
x-served-by
cache-dca17727-DCA, cache-dca17779-DCA, cache-hhn11572-HHN
last-modified
Wed, 30 Dec 2020 13:47:59 GMT
server
cloudinary
x-timer
S1611646347.892567,VS0,VE164
etag
"27cc9117caf32e25bfad9439b74eba1f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
749 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
28710
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by
cache-hhn11572-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1611646347.910515,VS0,VE0
date
Tue, 26 Jan 2021 07:32:26 GMT
x-amz-request-id
29D722C296265892
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
79
x-cache-hits
16349
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/
79 KB
24 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront), 1.1 varnish
age
1182803
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
23743
x-served-by
cache-fra19143-FRA
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1611646347.930849,VS0,VE0
etag
"b683c290896a82c974838a04b4ea4aff"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
jfOjd2QN6EO6i28E9ovSU6HQhL2i_i2aF42T9-dGesCSYuPlIbIKpA==
x-cache-hits
7621
e330747f7a3c26a1ebbbe9e37600060e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e330747f7a3c26a1ebbbe9e37600060e.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
067f1ccae1b6bd477a9890164ed9a8edb07cf2c98d234b658315547f83d78f04

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
662332
edge-cache-tag
327178511338043844363472135690010555306,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 31 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e330747f7a3c26a1ebbbe9e37600060e.jpg
content-length
12358
x-served-by
cache-dca17729-DCA, cache-dca17723-DCA, cache-hhn11572-HHN
last-modified
Thu, 31 Dec 2020 15:25:12 GMT
server
cloudinary
x-timer
S1611646347.932045,VS0,VE0
etag
"f1cf89c1eed639d9892c0cabd7ea5a4e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
shutterstock-687733339.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/
17 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/shutterstock-687733339.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
dddedba6b71a24bb2d3a855e843b5fc284f5827a43b816893b68ac6583c305ec

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1452305
edge-cache-tag
572471713109185062984918393639711879005,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 30 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/9ttVmkL/shutterstock-687733339.jpg
content-length
17025
x-served-by
cache-dca17724-DCA, cache-dca17777-DCA, cache-hhn11572-HHN
last-modified
Wed, 30 Dec 2020 10:36:33 GMT
server
cloudinary
x-timer
S1611646347.932034,VS0,VE0
etag
"a9208be1d90510bfe64659a143b44710"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
149260773__FtQbobJX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/
7 KB
7 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/149260773__FtQbobJX.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c67de6607c5e286b4107310206b22e37cd0c14d211eac984f272b13cb50e1416

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
345435
edge-cache-tag
541387837773065887178240697324437161370,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 05 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/149260773__FtQbobJX.jpg
content-length
6734
x-served-by
cache-dca17749-DCA, cache-dca17747-DCA, cache-hhn11572-HHN
last-modified
Tue, 05 Jan 2021 19:06:47 GMT
server
cloudinary
x-timer
S1611646347.932010,VS0,VE0
etag
"221175e524878271c8d7f55a8b88f7f0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
4c98f43b493a91ed33846522885b71c7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c98f43b493a91ed33846522885b71c7.jpg
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b4297103889650eb7d25df332847d34f04bd1b0328a544af52aad019a196d3a8

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Jan 2021 07:32:26 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1180831
edge-cache-tag
345634004570111492374557741677704544935,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 05 Feb 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c98f43b493a91ed33846522885b71c7.jpg
content-length
5103
x-served-by
cache-dca17766-DCA, cache-dca17776-DCA, cache-hhn11572-HHN
last-modified
Tue, 05 Jan 2021 18:46:16 GMT
server
cloudinary
x-timer
S1611646347.931993,VS0,VE0
etag
"c0cdf961091b5ef1e7c1cbc8275e4dec"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
Requested by
Host: jojo--castle.ahlamontada.net
URL: https://jojo--castle.ahlamontada.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
232b8b7605795f3834fa8af30d6fd2db66283290d38e20966756864e59e74baf

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 26 Jan 2021 07:32:27 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
517036191082211279395065741219752235086,296870302051874402078780526775162453794,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 30 Jan 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_150%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/CreDN-ME-HA_old_lady_Laptop_1000x600_b2d2876c8d28cb227ae07f7adbe38ef1.png
content-length
16424
x-served-by
cache-dca17727-DCA, cache-dca17779-DCA, cache-hhn11572-HHN
last-modified
Wed, 30 Dec 2020 13:47:59 GMT
server
cloudinary
x-timer
S1611646347.098069,VS0,VE0
etag
"27cc9117caf32e25bfad9439b74eba1f"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
domains
api.viglink.com/api/
65 B
525 B
XHR
General
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.92.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-197.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
0f5c7de5d9d8e4bf41c33372fcb89b9f0f053017ca97457c40a263348358cc3f

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 26 Jan 2021 07:32:26 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://jojo--castle.ahlamontada.net
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
65
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bulk
trc.taboola.com/forumotion-ar/log/3/
0
112 B
XHR
General
Full URL
https://trc.taboola.com/forumotion-ar/log/3/bulk?route=IL%3AIL%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210121-29-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jojo--castle.ahlamontada.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
pragma
no-cache
date
Tue, 26 Jan 2021 07:32:27 GMT
via
1.1 varnish
server
nginx
x-timer
S1611646348.888533,VS0,VE62
x-served-by
cache-fra19143-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://jojo--castle.ahlamontada.net
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
psd.phishing-site.www
URL
https://psd.phishing-site.www/img/gilter/1138289082_wed5.gif

Verdicts & Comments Add Verdict or Comment

288 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| imageTag boolean| theSelection string| clientPC number| clientVer boolean| is_ie boolean| is_nav number| is_moz boolean| is_win boolean| is_mac object| selectId function| helpline function| getarraysize function| arraypush function| arraypop function| checkForm function| emoticon function| emoticonp function| emoticonw function| constructBBcode function| BBcodeVideo function| bbfontstyle function| bbstyle function| FindXY function| selectWysiwyg function| mozWrap function| storeCaret object| html string| document_dir object| item number| mouse_y number| mouse_x function| get_mouseX function| get_mouseY function| get_mouse_pos function| showhide function| insert_search_menu function| insert_search_menu_new function| insert_plus_menu function| insert_plus_menu_new function| insert_plus_album function| insert_plus_album_new function| insert_plus_pic function| insert_plus_pic_new function| link_bbcode function| ShowHideLayer function| ShowHideMenu function| expandLayer function| fa_endpage function| hdr_ref function| hdr_expand function| hdr_contract function| hdr_toggle function| select_switch_col function| disabled1 function| disabled2 string| agt undefined| originalFirstChild function| createTitle function| destroyTitle function| my_getcookie function| my_setcookie function| writeCookie function| expandAllLayer function| check function| checkBySel function| refresh_username function| refresh_username_new function| timestamp function| insertChatBox function| insertChatBoxNew function| insertChatBoxPopup function| showMenu function| action_user function| hideMenu function| js_urlencode function| ajax_refresh_chatbox function| ajax_submit_chatbox function| ajax_refresh_chatterlist function| insert_chatboxsmilie function| change_display_by_icon function| switchuploadaddress function| do_mark function| checkreport function| insert_smilie function| unban_user function| checkmodcp function| check_rotation_radiobuttons function| select_switch_search function| verify_select function| select_switch_line function| select_switch_privmsg function| GetParam function| google_afs_request_done function| set_solved function| bbstyle_table function| display_upload_servimg function| display_upload_imageshack function| onMessage object| gw_window object| gw_style number| offsetx number| offsety number| curX number| curY number| distX number| distY string| obj_ietruebody function| gws_show undefined| elem undefined| divHeight undefined| mouseX undefined| mouseY function| returnNumber function| resizeElement function| resize function| stopResize function| update_dst function| ajax_exec function| div_marquee function| togglePostMultiQuote function| initPostMultiQuote function| initSetFunction function| runLogInPopUp function| privmsg_add_username function| resize_images function| FM_widget_share object| FA function| SystemPoint string| b_help string| i_help string| u_help string| q_help string| c_help string| l_help string| o_help string| p_help string| w_help string| a_help string| s_help string| f_help string| k_help string| e_help string| r_help string| j_help string| v_help string| m_help string| d_help string| t_help string| g_help string| x_help string| y_help string| z_help string| h_help string| sp_help string| wo_help string| ft_help string| jt_help string| sub_help string| sup_help string| tab_help string| hr_help string| fl_help string| vd_help string| _help object| bbcode object| bbtags object| Ticker function| ticker_start number| logInPopUpLeft number| logInPopUpTop number| logInPopUpWidth number| logInPopUpHeight boolean| logInBackgroundResize boolean| logInBackgroundClass object| adsbygoogle function| __tcfapi object| criteo_pubtag object| criteo_pubtag_103 object| Criteo object| Criteo_103 object| google_tag_manager object| dataLayer function| gtag function| setScreen number| width boolean| isMobile string| CriteoAdUnits function| CriteoAdblock object| _userdata object| _lang object| _board object| google_tag_data string| GoogleAnalyticsObject function| ga object| _taboola function| urlB64ToUint8Array function| updateSubscriptionOnServer function| subscribeUser function| unsubscribeUser function| vglnk string| cname number| cpos object| jQuery17200962403269734915 object| gaplugins object| gaGlobal object| gaData object| SDDAN object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Sddan object| TRC object| _tblConsole undefined| msg number| compteur object| tiButtons string| tiClass function| useQuerySelector undefined| div undefined| span undefined| result undefined| currentElement undefined| elementClass function| _replaceElement function| topicit_action function| isInt boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16116463415126 undefined| vglnk_16116463415127 object| _0x26c1 function| _0x2190 object| _0x3a87 function| _0x3dcd object| _0x2bba function| _0x1e8a object| zfgformats function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| cookies number| j object| _0x43c6 function| _0xca39 object| sdk undefined| vglnk_16116463417719 boolean| installOnFly number| taboola_view_id object| placementData number| _cm_wfCounter object| cmTag undefined| vglnk_161164634720010

6 Cookies

Domain/Path Name / Value
.adstune.com/ Name: __cf_bm
Value: 941e7b411de6a5fb8af7597a4aa8e381f0d3d4ee-1611646341-1800-ASvHbo/N7trGWv0g0eJQiZRtO0bh+C/OvFMzkH/bvyWyh1Yf9VaHyBRAtD5QOCw6RhIhkAy+h7PfQHSpipoJVQg=
.ahlamontada.net/ Name: _ga
Value: GA1.2.487538842.1611646341
jojo--castle.ahlamontada.net/ Name: exadd
Value: 161166
.jojo--castle.ahlamontada.net/ Name: _fa-screen
Value: %7B%22w%22%3A1600%2C%22h%22%3A1200%7D
.ahlamontada.net/ Name: _gat_gtag_UA_144347007_1
Value: 1
.ahlamontada.net/ Name: _gid
Value: GA1.2.1278978621.1611646341

4 Console Messages

Source Level URL
Text
console-api log URL: https://jojo--castle.ahlamontada.net/(Line 63)
Message:
{"w":1600,"h":1200}
console-api log URL: https://static.criteo.net/js/ld/publishertag.js(Line 1)
Message:
%cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Missing 'placements' parameter
console-api log (Line 1)
Message:
service worker path (u): /sw.js event domain: https://pushmono.com
console-api log URL: https://cdn.betgorebysson.club/apu.php?zoneid=3765907(Line 1)
Message:
0x50005

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
2img.net
adstune.com
ajax.googleapis.com
api.viglink.com
cache.consentframework.com
cdn.betgorebysson.club
cdn.taboola.com
cdn.viglink.com
choices.consentframework.com
connect.topicit.net
gum.criteo.com
i.servimg.com
illiweb.com
images.taboola.com
jojo--castle.ahlamontada.net
psd.phishing-site.www
pushmono.com
static.criteo.net
stats.g.doubleclick.net
trc.taboola.com
vidstat.taboola.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
psd.phishing-site.www
108.128.92.197
13.224.102.127
139.45.195.198
139.45.196.146
151.101.13.44
199.232.137.44
2606:4700:20::681a:566
2606:4700:20::681a:e6c
2606:4700:3030::ac43:8367
2606:4700:3032::ac43:9794
2606:4700:3033::6815:5aab
2606:4700:3033::ac43:cefd
2a00:1450:4001:800::200e
2a00:1450:4001:801::2004
2a00:1450:4001:801::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638:1::3
51.158.29.13
94.23.159.185
008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369
019dd1dc4c1ee8b271bd8a054c25b2516bb34920354ee5995fad3d371a4580da
047c5f7cee4056b21e7cc7e8eb710f981228ecabf728e1af87a484c139a46f5f
04c26d7b5ba0a32c98f4b588f4c4c5eadeefacc437cb2b0493088115db71276e
067f1ccae1b6bd477a9890164ed9a8edb07cf2c98d234b658315547f83d78f04
0915a998c8a41f69e82331eca861ccb6635aac2eeb5639348f370e6e189c663c
0f364d218d30a942fb697e3c9cb7e2b83a78a3d85aa087610c3a242b8d94c4ea
0f5c7de5d9d8e4bf41c33372fcb89b9f0f053017ca97457c40a263348358cc3f
2229ff10738d606a9fbd8a78d7e941738263645adbf1ba5704383d180a7b93aa
232b8b7605795f3834fa8af30d6fd2db66283290d38e20966756864e59e74baf
2e18eb0d865270d159cbb45984451c218eb0b2f7c8d4a6d10961932531c59c0a
302928586cc71d156bff9a42e7634f480d5b1eae12d0d2bdbe8d43c1fd8005dc
357295512f14a68f281d478951eddc401bb6fe6249a88e4a0a637027caea1da6
3682a82a1dd6c67a32cb888e738e45bba2b1aace5ce26a4479cd18a007841399
39ce845fc0203d4cb00559dff89d9448765e0ebd65ebbaf76623cc9850827542
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
48f62f6b1c465270b9ab905b4e02f67b98f1287c410b890d7c65c211dd278738
4da1026d4038b9675b39b7905f2af935c206f51c65e97c2e423556ccbe4f73ed
58da3e526747ba7036f53d6801b9222043530d20ea3bb07a1ff214ea01609ca7
5b075cbfb0e162fe79bca75e5d6f4e71649ac1c45821bc4a2fd4b7b45fe524d8
605183a8594eb65a3db95a7735ad7adac28b7b9814a70334837fe630bdd8d5f4
67b6c0867358e69514a9a9f0e5a2c3b2627ab756b5d19bc66b44de91902d9a4f
6884e2fed15aec01ea96f3c14de6f77a8aa7f750aa8ff075c0e57e1b1e48b1ec
6cf7880d67c712bb6f85f1dfa1d26ea5e0a7195130a3e42c8b441cdd1de77a90
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
6ebaf819983a22f8b76ce2654f94386697b79559b663619c95f43ce48a40a77e
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
79506a8f043156e94bba71e9613c89fc7ea4e8c24f3de137c0cd6a938a1a515a
79fe19e9f587f6ea1a527cf81099db932707eb58d89668c5508bd8137db4360f
7ada048a60ece2f25e0f516c3e52e1adf319fb7a5a93770438e9fee1588c9aff
83657e9081dfeb56e9dd28b560a1295c55fcc457d47966aac11a06705f09991b
83c1b5a7207f798112f5915040603a37bc61a33862d2ed48878b1e9bd311802f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9f53fcc02d46a9fb73290db1420146fa4b278fef5960d4b6dfcec6584b2e8abe
a2c134e0a84a30d001e60079e101d184da8a1b5c9d5737a265561cdc86301081
ab140244cd2fd2892fec183c503c0f9522f9935f5e6c5ace01e92924a7e2e90e
ae4cbfef0fe9ab08d6ff665c0c3aadde623892b28c90288d23ee52d8111950f1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b070e244ffb520ec6573a3cd2fafda82e4049e7578a9102b22e0e59ff383d9f6
b2cb57515497d75f4345929ae896c87c21f27d609aed94fb83f857e5b96f9835
b33de0df1a6e76eef7bbc5cf8e3d118504968ffaf9f9f924c6761c984c0735b6
b4297103889650eb7d25df332847d34f04bd1b0328a544af52aad019a196d3a8
b621467f74054e2999a7e213edf26895f9639e255f7c11b2047509fd0879f6c8
b9db9f4e6546550050d4d5047686ae1e64ce9158e08baceb946ff21bb32289a5
c679280313c63c9cc14fbccb6f86d9f51bff04783cec4c96cdc09850a395a837
c67de6607c5e286b4107310206b22e37cd0c14d211eac984f272b13cb50e1416
c995b7be0da1c4593f871757a7951f329e0ac39c21f0bd5bc4cce4cb38b202f8
ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd
d21b365aa7968435db31dedd0bf05c3042b07705d57bd5fa67445e1b0ea4d52f
d4e71fd25de8952be794e7ad0474356e248abf7f647f3a17679ae9880914ee04
dddedba6b71a24bb2d3a855e843b5fc284f5827a43b816893b68ac6583c305ec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfbed761248e93343233a74b2cd5b0457d0efc8fde33faa7516625d38d8e06e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
e9c60bf145f069a2775bb7674edf120e4348d301f661246218aeacfd1089e5ad
eaedabb4fd5d41462efb04a9b2aa13a14b0abcb2180f2c526615b07233e14897
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7753b567164100080cba6ccd03b9a6f165c5bd7c509e1ad5e547991bd0f1002
fcd4c0d68d77fa05f6b07831d9df4c56286788916c40399506d5fcbe87bb4a27
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881