p5i.loonie.fit Open in urlscan Pro
172.67.198.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://turtlelocation5.xyz/event_8002b733-4fca-7d06-0df0-6e99f7abbca4_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZX...
Effective URL:
https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
Submission: On August 05 via api (August 5th 2024, 5:11:45 pm UTC) from US — Scanned from CA

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 172.67.198.106, located in United States and belongs to CLOUDFLARENET, US. The main domain is p5i.loonie.fit.
TLS certificate: Issued by WE1 on July 22nd 2024. Valid for: 3 months.

This is the only time p5i.loonie.fit was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 11	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
3	2607:f8b0:400... 2607:f8b0:400d:c02::5f	15169 (GOOGLE) (GOOGLE)
2 2	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
3	104.18.3.22 104.18.3.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:400d:c1d::5e	15169 (GOOGLE) (GOOGLE)
1 1	2604:9a00:201... 2604:9a00:2010:a03a:5::	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	172.67.198.106 172.67.198.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	6

11 173.214.240.15 (United States) 8 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

turtlelocation5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
shoesauto5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c02::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.182.164.180 (United States) 2 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.planetpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.3.22 (None, )

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clck.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9a00:2010:a03a:5:: (Upper Marlboro, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hul.birbant.art	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.198.106 (United States)

ASN13335 (CLOUDFLARENET, US)

p5i.loonie.fit	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	loonie.fit p5i.loonie.fit	4 MB
6	freetrckr.com 6 redirects freetrckr.com — Cisco Umbrella Rank: 637579	2 KB
4	gstatic.com fonts.gstatic.com	132 KB
4	shoesauto5.xyz 1 redirects shoesauto5.xyz	3 KB
3	adskeeper.com c.adskeeper.com — Cisco Umbrella Rank: 21004 s-img.adskeeper.com — Cisco Umbrella Rank: 19154 clck.adskeeper.com — Cisco Umbrella Rank: 93238	11 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
2	planetpush.net 2 redirects xml.planetpush.net — Cisco Umbrella Rank: 78746	610 B
1	birbant.art 1 redirects hul.birbant.art	976 B
1	turtlelocation5.xyz 1 redirects turtlelocation5.xyz	129 B
41	9

	Domain	Requested by
10	p5i.loonie.fit	clck.adskeeper.com p5i.loonie.fit
6	freetrckr.com	6 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	shoesauto5.xyz	1 redirects shoesauto5.xyz
3	fonts.googleapis.com	shoesauto5.xyz p5i.loonie.fit
2	xml.planetpush.net	2 redirects
1	hul.birbant.art	1 redirects
1	clck.adskeeper.com	shoesauto5.xyz
1	s-img.adskeeper.com	shoesauto5.xyz
1	c.adskeeper.com	shoesauto5.xyz
1	turtlelocation5.xyz	1 redirects
41	11

This site contains links to these domains. Also see Links.

Domain
hul.birbant.art

Subject Issuer	Validity	Valid
spectrumtop5.xyz E5	`2024-07-11` - `2024-10-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
adskeeper.com WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
loonie.fit WE1	`2024-07-22` - `2024-10-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
Frame ID: BD82BE30BF2B9B14675240A8DA01A696
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discover the secret of financial success: a former receptionist proves that anyone can become a millionaire

Page URL History Show full URLs

https://turtlelocation5.xyz/event_8002b733-4fca-7d06-0df0-6e99f7abbca4_102_0_3001?payload=JTdCJTIyaCUyMi... HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://xml.planetpush.net/click?s=1&tid=886&sid=dad7ff815415d5698406bad000d8e7e2&rnd=782944981 HTTP 302
https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6... Page URL
https://hul.birbant.art/66a779f9329dd800015a08fe?sub1=57972869s77610&sub2=20226116&sub3=11839459&sub... HTTP 302
https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

54 %
HTTPS

43 %
IPv6

9
Domains

11
Subdomains

6
IPs

2
Countries

4608 kB
Transfer

5688 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hul.birbant.art/click
Title: Yes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://turtlelocation5.xyz/event_8002b733-4fca-7d06-0df0-6e99f7abbca4_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtNWVmN2JmMDkwZGJmZDllOGY3NjY1OTBmZTM3ODdkM2QtMzI4Ni0wLjAwMDMxNyUyMiU1RCU3RA%3D%3D&t=1722552636668&rnd=2892149...%20406%20...uNV9zcV9hbGxfZnIlMjIlN0Q=&if=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.planetpush.net/click?s=1&tid=886&sid=dad7ff815415d5698406bad000d8e7e2&rnd=782944981 HTTP 302
https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS Page URL
https://hul.birbant.art/66a779f9329dd800015a08fe?sub1=57972869s77610&sub2=20226116&sub3=11839459&sub4=149&sub5=CA&sub6=Quebec&sub7=&ref_id=3aa4205632dc142d838bb7a5c7378ef9&cost=0.25&click_id=3aa4205632dc142d838bb7a5c7378ef9&adclida=ref_id HTTP 302
https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://turtlelocation5.xyz/event_8002b733-4fca-7d06-0df0-6e99f7abbca4_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtNWVmN2JmMDkwZGJmZDllOGY3NjY1OTBmZTM3ODdkM2QtMzI4Ni0wLjAwMDMxNyUyMiU1RCU3RA%3D%3D&t=1722552636668&rnd=2892149...%20406%20...uNV9zcV9hbGxfZnIlMjIlN0Q=&if=1 HTTP 302
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://shoesauto5.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_102_3526_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEZGFkN2ZmODE1NDE1ZDU2OTg0MDZiYWQwMDBkOGU3ZTIlMjZybmQlM0Q0ODYwMTM4ODU%3D&t=1722877898802&rnd=344799405&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=dad7ff815415d5698406bad000d8e7e2&rnd=486013885 HTTP 302
https://c.adskeeper.com/c?pv=2&v=0|0|0|rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&cid=1641980&f=1&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&psid=77610

Request Chain 8

https://xml.planetpush.net/click?s=1&tid=886&sid=dad7ff815415d5698406bad000d8e7e2&rnd=782944981 HTTP 302
https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js Show response
shoesauto5.xyz/
Redirect Chain

https://turtlelocation5.xyz/event_8002b733-4fca-7d06-0df0-6e99f7abbca4_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtNWVmN2JmMDkwZGJmZDllOGY3NjY...
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

768ms
96ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: c762b8d9ff09473313b88745e19a667acf81b7e13ffc8b4844c6f0e673e4d397

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 05 Aug 2024 17:11:38 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Mon, 05 Aug 2024 17:11:38 GMT
location: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 363ms
45ms Stylesheet
text/css 2607:f8b0:400d:c02::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: shoesauto5.xyz
URL: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shoesauto5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 17:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 17:11:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Aug 2024 17:11:39 GMT

GET
H3

200

c
c.adskeeper.com/
Redirect Chain

https://shoesauto5.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_102_3526_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEZGFkN2ZmODE1NDE1ZDU2OTg0MDZiYWQwMDBkOGU3ZTIlM...
https://xml.planetpush.net/icon?sid=dad7ff815415d5698406bad000d8e7e2&rnd=486013885
https://c.adskeeper.com/c?pv=2&v=0|0|0|rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&cid=1641980&f=1&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1...

43 B
230 B

58ms
50ms

Image
image/gif

104.18.3.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.adskeeper.com/c?pv=2&v=0|0|0|rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&cid=1641980&f=1&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&psid=77610

Requested by

Host: shoesauto5.xyz
URL: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

104.18.3.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shoesauto5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:39 GMT
strict-transport-security: max-age=15768000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7abe903e-7b13-4acf-ad9d-80259bc8e1b8
server: cloudflare
content-type: image/gif
cf-ray: 8ae86857092539f9-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://c.adskeeper.com/c?pv=2&v=0|0|0|rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&cid=1641980&f=1&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&psid=77610
date: Mon, 05 Aug 2024 17:11:39 GMT
server: nginx

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQ5Nyx5XzM4Ni9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNy84M...
s-img.adskeeper.com/g/20226116/200x200/-/ 8 KB
9 KB 82ms
41ms Image
image/webp 104.18.3.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/20226116/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzQ5Nyx5XzM4Ni9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wNy84Mjg2OTcvNDE5YzhjYzA5NjIzYjZkNWY1ODc4YzE0MGIxMzc0YTcucG5n.webp?v=1722877897-clEbywjMjl1TdvF6hTEzMdPlq0ych8eMwLYFZa_vdqU
Requested by: Host: shoesauto5.xyz
URL: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c338a8570454dd88cfe904d14707b3bd8a57de3826eeadd7d5f41eaa07a93ba2

Request headers

Referer: https://shoesauto5.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:38 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Jul 2024 13:24:19 GMT
x-mg-request-uuid: 3fc24061-2d5f-4c60-98b0-d346e7b83ce7
server: cloudflare
age: 18013
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 8ae868548f6639f9-YYZ
content-length: 8494
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 196ms
51ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoesauto5.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:51 GMT
x-content-type-options: nosniff
age: 332028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 182ms
38ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://shoesauto5.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:57:44 GMT
x-content-type-options: nosniff
age: 332035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 20:57:44 GMT

GET
H2 404 favicon.ico
shoesauto5.xyz/ 548 B
245 B 104ms
101ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shoesauto5.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:39 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_d8a16057-570e-3ad0-f2fb-5c443a530bed_102_0_3001
shoesauto5.xyz/ 119 B
208 B 95ms
95ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shoesauto5.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtZGFkN2ZmODE1NDE1ZDU2OTg0MDZiYWQwMDBkOGU3ZTItMzUyNi0wLjA4NDM3NSUyMiU1RCU3RA%3D%3D&t=1722877898802&rnd=503236924&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: shoesauto5.xyz
URL: https://shoesauto5.xyz/sw_1664b4bf-31cb-eedb-3e6b-a4ebadb334a5_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:40 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H3

200

1
clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/
Redirect Chain

https://xml.planetpush.net/click?s=1&tid=886&sid=dad7ff815415d5698406bad000d8e7e2&rnd=782944981
https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-5...

2 KB
2 KB

194ms
155ms

Document
text/html

104.18.3.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS

Requested by

Host: shoesauto5.xyz
URL: https://shoesauto5.xyz/event_d8a16057-570e-3ad0-f2fb-5c443a530bed_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtZGFkN2ZmODE1NDE1ZDU2OTg0MDZiYWQwMDBkOGU3ZTItMzUyNi0wLjA4NDM3NSUyMiU1RCU3RA%3D%3D&t=1722877898802&rnd=503236924&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8ae868619871ab0c-YYZ
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 05 Aug 2024 17:11:41 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
strict-transport-security: max-age=15768000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-mg-click-uuid: 48dffb93-092c-0a19-bf55-edd21879c14b
x-robots-tag: noindex

Redirect headers

date: Mon, 05 Aug 2024 17:11:40 GMT
location: https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS
server: nginx

GET
H3

200

Primary Request / Show response
p5i.loonie.fit/BitBan_dzwka_can3/
Redirect Chain

https://hul.birbant.art/66a779f9329dd800015a08fe?sub1=57972869s77610&sub2=20226116&sub3=11839459&sub4=149&sub5=CA&sub6=Quebec&sub7=&ref_id=3aa4205632dc142d838bb7a5c7378ef9&cost=0.25&click_id=3aa420...
https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

40 KB
8 KB

459ms
409ms

Document
text/html

172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Requested by

Host: clck.adskeeper.com
URL: https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d1ac694d0d0e4784e96e22bd96abffc3a6630c37e415b54bfd0072989c55342

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://clck.adskeeper.com/ghits/20226116/i/57972869/2/src/77610/pp/1/1?h=rrLrTXKAnHlQa7Hd69jmfcyJjTgF6_152CCC5FauXnzKS2MYWinLiIMaEp2bBZG43yRZDEswUlQi8eFMjjXw2OFu6tPDO6uXhYPesQ564cs*&rid=c6821a8d-534d-11ef-846a-c84bd68370b4&tt=Direct&att=3&pubsrcid=77610&cpm=1&ct=1&st=-240&h2=woxgTEBV7TgdHauzxy6ijsBE2jaiK1qq8RJq43zft0sJQYmycqBHXWdKS6Jw5XrS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ae868656d80a1ff-YYZ
content-encoding: br
content-type: text/html
date: Mon, 05 Aug 2024 17:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExthIfzbKdFpFLGW6qPPNTw%2BaVhx5Wv5Ag4ThetY5cAJ9DHgITCG5vjE3IhmkqtwQGWDSL0EbuT0lLPlvNIk8kZduoNVCqjhZUv%2BVNkzT6Q5w1wDOG8b%2BSkTI0%2FYsrU06g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1

Redirect headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Length: 134
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Aug 2024 17:11:41 GMT
Location: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
Via: kong/3.6.1
X-Kong-Proxy-Latency: 0
X-Kong-Request-Id: 079b12017575132c38f32315da2b576d
X-Kong-Upstream-Latency: 13

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 156ms
79ms Stylesheet
text/css 2607:f8b0:400d:c02::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&display=swap

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a2ce6692ee59f886c869b72ef22c9a438ee3de1c9cb84df74961f78e8969ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 17:02:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Aug 2024 17:11:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 123ms
46ms Stylesheet
text/css 2607:f8b0:400d:c02::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,400i,500,600,600i,700&display=swap

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75e94d791e26fc2d05cc688a1dfdd30b82c240c944e5b5df208f9fedd11bdb56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Aug 2024 17:11:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Aug 2024 17:11:42 GMT

GET
H3 200 style.css
p5i.loonie.fit/BitBan_dzwka_can3/css/ 226 KB
40 KB 34ms
33ms Stylesheet
text/css 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/css/style.css

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad46098433ca11404b9cbf0645fd9291d2419f563e075feaa5374a83c8997b8

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66283
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iYSKZTHDDSrOfjUn3E8%2B5A2MAIzcC5esNM%2FA%2FOBpd6y99FmbCJJnLxhM9TL%2FHMmOLaRd0OP8fmJJXNw9EAjXt1fR%2FdRLhnTARB9pQxXZXWmFBk9bLtiwq5kXz4uXVG7icw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8ae868682f37a1ff-YYZ
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 style_r.css
p5i.loonie.fit/BitBan_dzwka_can3/css/ 9 KB
3 KB 35ms
33ms Stylesheet
text/css 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/css/style_r.css

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0329c93e9c72fb1a3afa1e93b6dd28fb6d4256a8c6c44bc8e9442fe1163fb9b1

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66283
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUHLXd7xJlvWy%2BXqZpA3OsTarkbsIuLvrNCtqPlIbra%2FMjDH2Qzv5YxikXTTvQgHsvkCVfHH%2Bvz5JGzP0W27zntR1K4Vz7mGNubz%2BjU0239GeO8%2F3tZiaSYNbCr2aEDdQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8ae868682f39a1ff-YYZ
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 wtr.css
p5i.loonie.fit/BitBan_dzwka_can3/css/ 3 KB
1 KB 83ms
81ms Stylesheet
text/css 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/css/wtr.css

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb50d3c5549670bf865d02886c761d0eac3b0b1ac42fe7baec2e44fb1534033c

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66283
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViQRan4eI%2F5fyX9mBN%2B18PcqdwlrtkJdm8e6gNuUpUysxOcJANDrTRm0ntTgHzkrOjCmVFfSwiFWgTvkG86wL9BwF6aEjcP3H%2Bixk6Ce%2BUVIs7%2F0hwEVRuk%2BxMf%2F55h7eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8ae868682f3aa1ff-YYZ
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 jquery-3.4.1.min.js Show response
p5i.loonie.fit/BitBan_dzwka_can3/js/ 91 KB
38 KB 83ms
82ms Script
application/javascript 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/js/jquery-3.4.1.min.js

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4768a2cb7d8abd22d4153cbbb48eed907666ef3d7856b62ab7e1d87864a955e

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66283
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Wd5dnp7xZzJncvoSiOqMKzwKkNKTFAgoshUaHGIHT%2F3KU0gZ8F5uSA%2BP2PdUo9MiILVmL2T3X%2FO6SRCXfa2Jo1Pi2skabrpaBQV4%2FBsGcq8ELHst9srGfc1s21Lx%2Fd4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ae868682f3ba1ff-YYZ
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 script01.js Show response
p5i.loonie.fit/BitBan_dzwka_can3/js/ 695 B
898 B 105ms
103ms Script
application/javascript 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/js/script01.js

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28f1f37140419f051c73baa2ab288e800240646f4e94b3cf0342342475916a9c

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66283
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPDm3pNMfhsZLXAtI6zEe5eTV%2Bgc7R5rW85XmckggHIUkLKRm9VcFxQQE9J7%2Fx1IG9W1LyifNVPLZh9fNCuuxiZyNw9ssvZMcVJm%2FDktDgQbF3766TZ6T29MjdJOJmQE%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ae868682f3ca1ff-YYZ
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET logo_light.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET
H3 200 1s.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 1 MB
1 MB 104ms
103ms Image
image/png 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/img/1s.png

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7274243ca0680cfedcaae8531d2039837d3462bcb0776e1c115aba9e66515787

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66283
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UrZFCruJsK9ygNuFsPOpVa4lEe14FsyRF%2BRm%2FHPobkKwCaF5we9Gfia7JR5EKRXhq0xfaZIFLKRNZOBFb1Lo1HxAx0ETwfAGzlNjGVxdKnuoBhDDq%2FoqNj5phtfImOatA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 8ae868682f3da1ff-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 2s.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 2 MB
2 MB 511ms
510ms Image
image/png 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/img/2s.png

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c0fe6eeab668a14c05b5918decb138275e8f9c619367c246415c63accb6d559

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2024 22:46:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66283
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XIEdcqevvgycg5cweCQCzVq5DO3Sj6jHlnfq0DR4k91mWkVX6gbP27ousj%2FLf8FKWSsWPEtrKdWPVmU%2B5d9uEhi8qMUIac3smynTUlDWGPZFTdU2P9fQglVOaEm1WBusQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 8ae868682f3ea1ff-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
expires: Mon, 05 Aug 2024 22:46:59 GMT

GET
H3 200 03.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 1 MB
1 MB 760ms
758ms Image
image/png 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/img/03.png

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478d9aaee54769c164c12a2c26274e8adf7091ea0c9f13352b95f7b959ecec77

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2024 22:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ctc0oIAQtE64AO7%2FezpZQKv2OvWt74Tik2p7PaNvdK6%2F0PuGcU%2BbMYWTSAUV9l0XbdPlRXpP7DMQq06zsLKLP01K1McRhOg%2FKeRQqqTzDLLPqYKQM4S%2FhZ3YRgybD4FwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 8ae868693ff2a1ff-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
expires: Mon, 05 Aug 2024 22:47:00 GMT

GET
H3 200 4_a.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 759 KB
0 1086ms
1080ms Image
image/png 172.67.198.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p5i.loonie.fit/BitBan_dzwka_can3/img/4_a.png

Requested by

Host: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.198.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://p5i.loonie.fit/BitBan_dzwka_can3/?rtkcid=66b107cd75c07a00011258d6&rtkcmpid=66a779f9329dd800015a08fe
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:11:42 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Sun, 04 Aug 2024 22:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 66282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SIEX%2BgAROdq%2B6I8Gx1u0%2BrCTYtp5h2aGNmGnbA5bQXj8AjM2BqJRZCMQGfinE54BTz8Sh9ZKMGeBqlisuoXqQJXroLN6FbuCzObJsk720G%2FKuYhthEg%2FMtwdFYbwlbRgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
cf-ray: 8ae868693ff7a1ff-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
expires: Mon, 05 Aug 2024 22:47:00 GMT

GET 5_a.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET 6_a.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_1.jpg
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_2.jpg
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_3.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_4.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_5.jpg
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET smail.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_6.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_7.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_8.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_9.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET comm_10.jpg
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET wtr.js
p5i.loonie.fit/BitBan_dzwka_can3/js/ 0
0

GET iconRedArrow.png
p5i.loonie.fit/BitBan_dzwka_can3/img/ 0
0

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 173ms
92ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400,400i,500,600,600i,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p5i.loonie.fit
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 20:46:03 GMT
x-content-type-options: nosniff
age: 505539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 20:46:03 GMT

GET ionicons.woff2
p5i.loonie.fit/BitBan_dzwka_can3/fonts/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 117ms
38ms Font
font/woff2 2607:f8b0:400d:c1d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p5i.loonie.fit
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 05:22:08 GMT
x-content-type-options: nosniff
age: 388174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Aug 2025 05:22:08 GMT

GET icomoon.ttf
p5i.loonie.fit/BitBan_dzwka_can3/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/logo_light.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/5_a.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/6_a.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_1.jpg

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_2.jpg

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_3.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_4.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_5.jpg

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/smail.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_6.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_7.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_8.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_9.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/comm_10.jpg

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/js/wtr.js

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/img/iconRedArrow.png

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/fonts/ionicons.woff2

Domain: p5i.loonie.fit
URL: https://p5i.loonie.fit/BitBan_dzwka_can3/fonts/icomoon.ttf

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adskeeper.com/	1970-01-20 22:36:04	Name: mgid Value: 20226116
.adskeeper.com/	1970-01-20 22:36:04	Name: mtid Value: 57972869
.adskeeper.com/	1970-01-20 22:36:04	Name: mtuid Value: 57972869s77610
.adskeeper.com/	1970-01-20 22:36:04	Name: mstatus Value: 0
.adskeeper.com/	1970-01-20 22:36:04	Name: mghd Value: hul.birbant.art
.adskeeper.com/	1970-01-21 07:20:13	Name: muidn Value: o75FkOH7Vzba
.hul.birbant.art/	1970-01-20 22:36:04	Name: redcmps Value: W3siaWQiOiI2NmE3NzlmOTMyOWRkODAwMDE1YTA4ZmUiLCJ0IjoiMjAyNC0wOC0wNVQxNzoxMTo0MS41Nzk3NzE4ODJaIn1d
.hul.birbant.art/	1970-01-21 07:20:13	Name: redhash Value: NjZiMTA3Y2Q3NWMwN2EwMDAxMTI1OGQ2fDJ8NjZhNzc5ZjkzMjlkZDgwMDAxNWEwOGZlfDY2OWU0NWFmNWQyYzJmMDAwMWU4ZWQxOHw5NmJjZjU2Yi1lYWM5LTQ3YWEtODM4NC0wYWI4MmYxOWI2NDZ8MTcyMjg3NzkwMQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shoesauto5.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.com
clck.adskeeper.com
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
hul.birbant.art
p5i.loonie.fit
s-img.adskeeper.com
shoesauto5.xyz
turtlelocation5.xyz
xml.planetpush.net
p5i.loonie.fit
104.18.3.22
172.67.198.106
173.214.240.15
199.182.164.180
2604:9a00:2010:a03a:5::
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
0329c93e9c72fb1a3afa1e93b6dd28fb6d4256a8c6c44bc8e9442fe1163fb9b1
0ad46098433ca11404b9cbf0645fd9291d2419f563e075feaa5374a83c8997b8
28f1f37140419f051c73baa2ab288e800240646f4e94b3cf0342342475916a9c
30178da7de15b8e656f518f79bab12b30348156661b2b6c8293bc9a1411a0288
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
478d9aaee54769c164c12a2c26274e8adf7091ea0c9f13352b95f7b959ecec77
5a2ce6692ee59f886c869b72ef22c9a438ee3de1c9cb84df74961f78e8969ef1
6c0fe6eeab668a14c05b5918decb138275e8f9c619367c246415c63accb6d559
7274243ca0680cfedcaae8531d2039837d3462bcb0776e1c115aba9e66515787
75e94d791e26fc2d05cc688a1dfdd30b82c240c944e5b5df208f9fedd11bdb56
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9d1ac694d0d0e4784e96e22bd96abffc3a6630c37e415b54bfd0072989c55342
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
bb50d3c5549670bf865d02886c761d0eac3b0b1ac42fe7baec2e44fb1534033c
c338a8570454dd88cfe904d14707b3bd8a57de3826eeadd7d5f41eaa07a93ba2
c4768a2cb7d8abd22d4153cbbb48eed907666ef3d7856b62ab7e1d87864a955e
c762b8d9ff09473313b88745e19a667acf81b7e13ffc8b4844c6f0e673e4d397
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

p5i.loonie.fit Open in urlscan Pro 172.67.198.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

54 %HTTPS

43 %IPv6

9 Domains

11 Subdomains

6 IPs

2 Countries

4608 kBTransfer

5688 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

p5i.loonie.fit Open in urlscan Pro
172.67.198.106 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

54 %
HTTPS

43 %
IPv6

9
Domains

11
Subdomains

6
IPs

2
Countries

4608 kB
Transfer

5688 kB
Size

8
Cookies

41 HTTP transactions
0 data transactions