gugl.ga Open in urlscan Pro
31.31.198.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gugl.ga/
Submission: On November 12 via manual (November 12th 2022, 3:46:21 pm UTC) from RU — Scanned from DE

Summary HTTP 152 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 27 domains to perform 152 HTTP transactions. The main IP is 31.31.198.105, located in Russian Federation and belongs to AS-REG, RU. The main domain is gugl.ga.
TLS certificate: Issued by R3 on September 15th 2022. Valid for: 3 months.

This is the only time gugl.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	31.31.198.105 31.31.198.105	197695 (AS-REG) (AS-REG)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
28	2606:4700:303... 2606:4700:3031::6815:17b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	37.1.216.156 37.1.216.156	58061 (SCALAXY-AS) (SCALAXY-AS)
2	85.208.187.144 85.208.187.144	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	5.187.6.123 5.187.6.123	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
5	188.120.236.88 188.120.236.88	29182 (RU-JSCIOT) (RU-JSCIOT)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:a2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	78.110.50.124 78.110.50.124	12616 (HOSTING-MSK) (HOSTING-MSK)
1	2606:4700:303... 2606:4700:3034::6815:5922	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3034::6815:4e27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4453	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	80.239.201.105 80.239.201.105	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 4	149.202.17.208 149.202.17.208	16276 (OVH) (OVH)
2	148.251.233.147 148.251.233.147	24940 (HETZNER-AS) (HETZNER-AS)
5 21	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
152	31

29 31.31.198.105 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: server7.hosting.reg.ru

gugl.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:3031::6815:17b9 (United States)

ASN13335 (CLOUDFLARENET, US)

webtrafic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.1.216.156 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS, NL)
PTR: 468.surf

468.surf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.208.187.144 (Netherlands)

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: unitraffic.net

unitraffic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.187.6.123 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde457.fornex.org

redsurf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.120.236.88 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: viktor13kuznetsov1.fvds.ru

regionads.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:a2f (United States)

ASN13335 (CLOUDFLARENET, US)

www.netvisiteurs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

crypto-fire.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.110.50.124 (Moscow, Russian Federation)

ASN12616 (HOSTING-MSK, RU)
PTR: cl9-w.ht-systems.ru

in-surf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:5922 (United States)

ASN13335 (CLOUDFLARENET, US)

imdbux.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4e27 (United States)

ASN13335 (CLOUDFLARENET, US)

linkslot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4453 (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.239.201.105 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-105.teliacarrier-cust.com

metrika-informer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.17.208 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: node-9.1-208.17.202.149.vistnet.net

payeer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.233.147 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.147.233.251.148.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	gugl.ga 1 redirects gugl.ga	3 MB
28	webtrafic.ru webtrafic.ru — Cisco Umbrella Rank: 514533	279 KB
16	crypto-fire.website crypto-fire.website	1 MB
15	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 10106	5 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	263 KB
8	netvisiteurs.com www.netvisiteurs.com	41 KB
6	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3706	146 KB
5	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 858	425 KB
5	regionads.ru regionads.ru	93 KB
4	gstatic.com www.gstatic.com	5 KB
4	payeer.com 2 redirects payeer.com — Cisco Umbrella Rank: 325029	2 KB
4	google.com translate.google.com — Cisco Umbrella Rank: 1251 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	54 KB
3	in-surf.ru in-surf.ru	8 KB
3	468.surf 468.surf	4 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	5 KB
2	a-ads.com acceptable.a-ads.com — Cisco Umbrella Rank: 156810 static.a-ads.com — Cisco Umbrella Rank: 53360	682 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	87 KB
2	linkslot.ru linkslot.ru — Cisco Umbrella Rank: 409155	46 KB
2	unitraffic.net unitraffic.net — Cisco Umbrella Rank: 564225	7 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	metrika-informer.com metrika-informer.com — Cisco Umbrella Rank: 317761	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1039	6 KB
1	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 65067	12 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	75 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 669	78 KB
1	imdbux.com imdbux.com	293 KB
1	redsurf.ru redsurf.ru	11 KB
152	27

	Domain	Requested by
29	gugl.ga	1 redirects gugl.ga
28	webtrafic.ru	gugl.ga webtrafic.ru
16	crypto-fire.website	gugl.ga crypto-fire.website
15	mc.yandex.com	3 redirects gugl.ga regionads.ru mc.yandex.ru
8	www.netvisiteurs.com	gugl.ga www.netvisiteurs.com static.cloudflareinsights.com
7	pagead2.googlesyndication.com	crypto-fire.website pagead2.googlesyndication.com tpc.googlesyndication.com
6	mc.yandex.ru	2 redirects gugl.ga regionads.ru webtrafic.ru
5	translate.googleapis.com	gugl.ga
5	regionads.ru	gugl.ga regionads.ru
4	www.gstatic.com	webtrafic.ru translate.googleapis.com gugl.ga
4	payeer.com	2 redirects webtrafic.ru payeer.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	in-surf.ru	gugl.ga in-surf.ru
3	468.surf	gugl.ga 468.surf
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	webtrafic.ru
2	linkslot.ru	crypto-fire.website
2	unitraffic.net	gugl.ga
2	translate.google.com	gugl.ga webtrafic.ru
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	static.a-ads.com	acceptable.a-ads.com
1	acceptable.a-ads.com	gugl.ga
1	metrika-informer.com	webtrafic.ru
1	static.cloudflareinsights.com	www.netvisiteurs.com
1	images.weserv.nl	www.netvisiteurs.com
1	www.googletagmanager.com	crypto-fire.website
1	code.jquery.com	crypto-fire.website
1	imdbux.com	468.surf
1	redsurf.ru	gugl.ga
152	31

This site contains links to these domains. Also see Links.

Domain
payeer.com
www.bestchange.ru
translate.google.com
trafiframe.ru
webtrafic.ru
unitraffic.net
in-surf.ru
bilet.aero
www.isp56.ru
eternalhost.net
regionads.ru

Subject Issuer	Validity	Valid
gugl.ga R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.webtrafic.ru E1	`2022-09-30` - `2022-12-29`	3 months	crt.sh
468.surf R3	`2022-09-21` - `2022-12-20`	3 months	crt.sh
unitraffic.net R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
regionads.ru R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
in-surf.ru R3	`2022-10-28` - `2023-01-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.linkslot.ru E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
metrika-informer.com GlobalSign ECC OV SSL CA 2018	`2022-10-11` - `2023-03-20`	5 months	crt.sh
*.payeer.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-04` - `2023-07-04`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://gugl.ga/
Frame ID: CC5D706D5DAB2A1290C0C41FB31D5C7B
Requests: 55 HTTP requests in this frame

Frame: https://www.netvisiteurs.com/promotion-86991.php
Frame ID: 6BEEBDD8CAD688233F1F1A58FFEE60AC
Requests: 5 HTTP requests in this frame

Frame: https://crypto-fire.website/mine/partner/dexeeck
Frame ID: F5B756B374E66244C5BF6A0378053EA0
Requests: 28 HTTP requests in this frame

Frame: https://webtrafic.ru/
Frame ID: A25721A52A25A4DA36A0EAE42349ED9D
Requests: 35 HTTP requests in this frame

Frame: https://468.surf/view/468/fv.php?size=1&ison=1&user=4480&vt=6&dref=https://gugl.ga/&scrw=1600&scrh=1200&timestamp=1668267975187
Frame ID: C8A5AD860FC923A817540B3297DE44D5
Requests: 3 HTTP requests in this frame

Frame: https://payeer.com/en/
Frame ID: C030C5AC65775E70E6B58A723C85CC83
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/2081947?size=Adaptive&background_color=f1f1f1
Frame ID: 36601EF6D2520B48BD60F30401CE0B48
Requests: 2 HTTP requests in this frame

Frame: https://regionads.ru/js/banner.php?id=840&f=728x90
Frame ID: B7F82B86897DBACDEE143B19C9C02D2B
Requests: 9 HTTP requests in this frame

Frame: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7690663d3dda6943
Frame ID: 8776D0ADF1D610079C69C034856E7BF8
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2CA25036D1A5CC0EF0D38453E91BED2D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C350B1BB37C2A976D446F7B58F7EF1DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html
Frame ID: 7EA28D1C4349C80C61BC653BFDDABBD7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2242642741687493&output=html&adk=1812271804&adf=3279755396&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fgugl.ga%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668267978478&bpp=2&bdt=2933&idt=265&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&nras=1&correlator=4562689546154&frm=24&ife=1&pv=2&ga_vid=93552599.1668267979&ga_sid=1668267979&ga_hid=988924646&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2233692847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070852%2C44770881%2C44774292%2C44773747&oid=2&pvsid=3041029479357777&tmod=770958068&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ro8wk4wh6zih&fsb=1&dtd=276
Frame ID: 47826B9C15CB134C9A8CD70F296A23D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55ACED54F017B3B578F014A84F9E2070
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEB5F6A769BC16C4F4DBF2B984627352
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gugl.Ga - Реклама & Бесплатная реклама

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

152
Requests

95 %
HTTPS

69 %
IPv6

27
Domains

31
Subdomains

31
IPs

6
Countries

7162 kB
Transfer

10181 kB
Size

29
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://payeer.com/0980275

Search URL Search Domain Scan URL

URL: https://www.bestchange.ru/?p=1270015

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://trafiframe.ru/iframe.php

Search URL Search Domain Scan URL

URL: https://webtrafic.ru/reklama?uid=550
Title: WEBTRAFIC.RU

Search URL Search Domain Scan URL

URL: https://unitraffic.net/reklama?user=1571
Title: Реклама 2.00 RUB за 1000 уникальных просмотров.

Search URL Search Domain Scan URL

URL: https://in-surf.ru/adv.php
Title: Добавить сайт

Search URL Search Domain Scan URL

URL: https://in-surf.ru/

Search URL Search Domain Scan URL

URL: https://bilet.aero/

Search URL Search Domain Scan URL

URL: https://bilet.aero/site/jdbilet

Search URL Search Domain Scan URL

URL: http://www.isp56.ru/

Search URL Search Domain Scan URL

URL: https://eternalhost.net/?from=5403
Title: Eternalhost.net

Search URL Search Domain Scan URL

URL: http://regionads.ru/
Title: RegionAds.ru

Search URL Search Domain Scan URL

URL: http://regionads.ru/click/slider.php?idwm=840&idadv=24&hash=04580c444ae19794d94bd3ea23b5a1a8

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://gugl.ga/redirect.php?u=https://redsurf.ru/bn/3.gif HTTP 302
https://redsurf.ru/bn/3.gif

Request Chain 114

https://mc.yandex.ru/watch/70669177?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A722615464841%3Ahid%3A973057815%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A707834462%3Arqn%3A1%3Au%3A16682679761004679598%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C211%2C1%2C0%2C0%2C%2C397%2C0%2C%2C%2C%2C611%3Acpf%3A1%3Ans%3A1668267975184%3Arqnl%3A1%3Ast%3A1668267976%3At%3AWEBTRAFIC.RU%20%7C%20%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/70669177/1?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A722615464841%3Ahid%3A973057815%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A707834462%3Arqn%3A1%3Au%3A16682679761004679598%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C211%2C1%2C0%2C0%2C%2C397%2C0%2C%2C%2C%2C611%3Acpf%3A1%3Ans%3A1668267975184%3Arqnl%3A1%3Ast%3A1668267976%3At%3AWEBTRAFIC.RU%20%7C%20%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 116

https://payeer.com/iproxy/j?TXMvj4j4wbLa1GWaS/iSoi8/c2Vzc2lvbj0yMTAzOTU0 HTTP 302
https://payeer.com/?session=2103954 HTTP 302
https://payeer.com/en/

Request Chain 125

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9820.wqmPjcI440ayydCP3WJzK3ZU8itZRH84Lm4AF3SHzsw7f9bvkipi-JzMpees-fVW.ZXjwjhR9EZe2MqIJUKnR5MubeE0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9820.k6ACWNMoJkrvRIGRQMocDW_WptflV0LtTTKilf5SjxJ032c9nuOSUcdJ0u0_0QGem6bWbKRfWd3njoRn8dmrhiXSX8Druiu-OUzVC_YZtB8%2C.Rsq-YQ1PYYUEf17mhF4He897eR4%2C

Request Chain 127

https://mc.yandex.com/watch/54518020?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1333921749911%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A436531466%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1333921749911%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A436531466%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 128

https://mc.yandex.com/watch/54517903?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1128563284859%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A95566174%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1128563284859%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A95566174%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

152 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gugl.ga/ 86 KB
14 KB 390ms
157ms Document
text/html 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx / PHP/5.6.36
Resource Hash: 79814e54c41a07e536c4b65ec983e50f3cf98d93a5ecc8255b9cb5437d19fe5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 12 Nov 2022 15:46:14 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/5.6.36

GET
H2 200 style.css
gugl.ga/css/ 9 KB
2 KB 80ms
79ms Stylesheet
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/style.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 89fc57e04ea47a3bb39c66fd38da7d5da9c5953e711d7ba301de06cdc08c1b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:10 GMT
server: nginx
etag: W/"636fb31a-22b5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 fonts.css
gugl.ga/css/ 2 KB
536 B 81ms
79ms Stylesheet
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/fonts.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: ca38ee51f6c49c0f0e89e6969aacfd7da147d9e26046e1405edb13cf39383a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:10 GMT
server: nginx
etag: W/"636fb31a-755"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 all.css
gugl.ga/css/icons/css/ 489 KB
98 KB 85ms
84ms Stylesheet
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/icons/css/all.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 1a02638af64044a18e7e8489e13fd4ce0cc537e09a97ea71c416b6cd4a0f458b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:45 GMT
server: nginx
etag: W/"636fb33d-7a3f5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 404 all.css
gugl.ga/css/icons/js/ 0
0 238ms
236ms Script
text/html 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/icons/js/all.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx / PHP/5.6.36
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.6.36
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.min.js Show response
gugl.ga/js/ 87 KB
31 KB 236ms
235ms Script
application/javascript 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/js/jquery.min.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:51:55 GMT
server: nginx
etag: W/"636fb30b-15d83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 jquery-1.5.2.min.js Show response
gugl.ga/js/ 84 KB
30 KB 236ms
235ms Script
application/javascript 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/js/jquery-1.5.2.min.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 9b207b0bbcb38b750fcc55ddfa727b2b8fa6a2265aa7e9195392505ee4e72122

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:51:54 GMT
server: nginx
etag: W/"636fb30a-14fa4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
gugl.ga/js/ 94 KB
33 KB 237ms
236ms Script
application/javascript 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/js/jquery-1.11.2.min.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:51:53 GMT
server: nginx
etag: W/"636fb309-176bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 prefixfree.min.js Show response
gugl.ga/js/ 7 KB
3 KB 237ms
236ms Script
application/javascript 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/js/prefixfree.min.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: e877f06bde4d9291b2b4d57898866401f82bb096f3c4eca6dc6a21783be9f73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:14 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:51:55 GMT
server: nginx
etag: W/"636fb30b-1a30"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:14 GMT

GET
H2 200 logo.png
gugl.ga/img/ 3 KB
3 KB 82ms
79ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/logo.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: a7fa9350e6f29f203ebe4e13a85388fb725dbdcad59c37331a0376512d9fa320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:15 GMT
server: nginx
etag: "636fb44b-a5b"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 2651
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 1.png
gugl.ga/img/flag/ 10 KB
10 KB 83ms
79ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/1.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 856d85d82118cc840d764cb322eac34e6d577d72bbdfb3348ad11cd7dfebbb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:30 GMT
server: nginx
etag: "636fb45a-274f"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 10063
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 2.png
gugl.ga/img/flag/ 24 KB
24 KB 83ms
80ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/2.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: ea51d9d940a35bff2403d155b95cdbc3bfd3672885d49bedf7b3333f09876d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:31 GMT
server: nginx
etag: "636fb45b-5f3f"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 24383
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 3.png
gugl.ga/img/flag/ 14 KB
15 KB 84ms
81ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/3.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 860af4136ed57882e2e9b37091969ae268046ba040d7054fe105571cea99ce3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:32 GMT
server: nginx
etag: "636fb45c-3952"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 14674
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 4.png
gugl.ga/img/flag/ 14 KB
14 KB 84ms
81ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/4.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 812d0f07f26b14bc12ebf74d699099e3fa049ec09c2aaaacec25cf5ce8547f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:32 GMT
server: nginx
etag: "636fb45c-36cd"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 14029
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 5.png
gugl.ga/img/flag/ 13 KB
13 KB 85ms
82ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/5.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: daaede23b88adfdab069eb1633cda9abb7326ecaff2207a8b5649f046fe86a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:33 GMT
server: nginx
etag: "636fb45d-3512"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 13586
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 6.png
gugl.ga/img/flag/ 8 KB
8 KB 86ms
83ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/6.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:32 GMT
server: nginx
etag: "636fb45c-1ec9"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 7881
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 7.png
gugl.ga/img/flag/ 13 KB
13 KB 86ms
83ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/7.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 7f9aecc97ef6427f89867b031e002c608781afb858bc9507f559e1a8b53e0b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:33 GMT
server: nginx
etag: "636fb45d-34f5"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 13557
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 8.png
gugl.ga/img/flag/ 12 KB
13 KB 87ms
84ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/8.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 154fda8f4a115fbd1d424d1e777d6866504f59d24212573742ab647f671f9627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:33 GMT
server: nginx
etag: "636fb45d-3177"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 12663
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 9.png
gugl.ga/img/flag/ 8 KB
8 KB 87ms
85ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/9.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 83fabdd1f5a6314701f3d045b425a8375408896a1c32cf09c3624e511604d496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:33 GMT
server: nginx
etag: "636fb45d-1f0d"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 7949
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 10.png
gugl.ga/img/flag/ 19 KB
19 KB 88ms
86ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/10.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 1a634416a45d5b46ca42d0f727f9f488aac58ac040ce1d800748f7c9a06ab141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:30 GMT
server: nginx
etag: "636fb45a-4c1d"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 19485
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 11.png
gugl.ga/img/flag/ 22 KB
22 KB 88ms
86ms Image
image/png 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/flag/11.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: e74d72b279797f0486c4659a646354c787a55f7c3f062f7ca91d6fc35e097f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:31 GMT
server: nginx
etag: "636fb45b-588c"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 22668
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 152ms
52ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64031c1784f63faf317e1557524eee06cb4f7e31edb284164f02a73242c90df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.php Show response
webtrafic.ru/ 4 KB
2 KB 292ms
190ms Script
text/html 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/ads.php?uid=550
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fda2cb647bc3d027876f95095e33dfb8a53ce9065774e27dd7a8e9c33088979b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxfJphs9Vu7y6PbEWr%2BmRIGbVcoKyMqrAcCaDSP1ZF4FUm2B1IN2c%2BurNTIoNHlpIAjQHyOyXe6eQ7kORnUr2k%2BdvYNflI9h1quY5lC9m%2Fvl6N%2FGZ8fdbTYWwQA1KFGdZ7baF5bVAQ1NeXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7690663bc8f49106-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
468.surf/view/468/ 1 KB
955 B 297ms
45ms Script
text/javascript 37.1.216.156
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://468.surf/view/468/?uid=4480

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.1.216.156 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

468.surf

Software

nginx / PHP/7.1.33

Resource Hash

9dd3a3ef12f78cc39d68e37dd141135f1499dd167078cd81ce6cc85cbc7d2896

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.1.33
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 551
X-XSS-Protection: 1; mode=block
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK banner.php Show response
unitraffic.net/ 2 KB
1 KB 256ms
47ms Script
text/html 85.208.187.144
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: https://unitraffic.net/banner.php?user=1571
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.208.187.144 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: unitraffic.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4c84f17307acf7437f33cae9bea29c631186f4506513d7a916462c093e8b9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 12 Nov 2022 15:46:15 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

3.gif
redsurf.ru/bn/
Redirect Chain

https://gugl.ga/redirect.php?u=https://redsurf.ru/bn/3.gif
https://redsurf.ru/bn/3.gif

11 KB
11 KB

498ms
37ms

Image
image/gif

5.187.6.123
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redsurf.ru/bn/3.gif
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: HTTP/1.1
Server: 5.187.6.123 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde457.fornex.org
Software: nginx/1.0.15 /
Resource Hash: 40ab0146feecfcf7cebdc86be12afdc113910bf15977d232916dd9fccc85b517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:08:13 GMT
Last-Modified: Fri, 02 Mar 2018 06:42:20 GMT
Server: nginx/1.0.15
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11214
Content-Type: image/gif

Redirect headers

location: https://redsurf.ru/bn/3.gif
date: Sat, 12 Nov 2022 15:46:15 GMT
server: nginx
x-powered-by: PHP/5.6.36
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK slider.php Show response
regionads.ru/js/ 7 KB
8 KB 517ms
95ms Script
text/html 188.120.236.88
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://regionads.ru/js/slider.php?id=840

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

viktor13kuznetsov1.fvds.ru

Software

nginx/1.16.1 / PHP/5.3.3

Resource Hash

92f29f19d64f54be88a80791fb7ae162f2d68505435632606a806c22a3874ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251

GET
H2 200 fon.jpg
gugl.ga/img/ 2 MB
2 MB 83ms
83ms Image
image/jpeg 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gugl.ga/img/fon.jpg
Requested by: Host: gugl.ga
URL: https://gugl.ga/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 90f2a454e9086b194f8303e82031e0aea6a221626384e18177af2000ca461ea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:28 GMT
server: nginx
etag: "636fb458-1ee547"
content-type: image/jpeg
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 2024775
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 fa-solid-900.woff2
gugl.ga/css/icons/webfonts/ 311 KB
311 KB 154ms
153ms Font
application/octet-stream 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/icons/webfonts/fa-solid-900.woff2
Requested by: Host: gugl.ga
URL: https://gugl.ga/css/icons/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: c5d9c49183cdd250b5282ddf8e8e9272b26fb15348ac8aea037ec45dfbdc53aa

Request headers

Referer: https://gugl.ga/css/icons/css/all.css
Origin: https://gugl.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:57:10 GMT
server: nginx
accept-ranges: bytes
etag: "4da54-5ed473883053b"
content-length: 318036

GET
H2 200 fa-duotone-900.woff2
gugl.ga/css/icons/webfonts/ 422 KB
422 KB 154ms
153ms Font
application/octet-stream 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/icons/webfonts/fa-duotone-900.woff2
Requested by: Host: gugl.ga
URL: https://gugl.ga/css/icons/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 06323e048f41aef56c7753ecbb5a7a3c91113ea1a2514905c30e049cfcf06be3

Request headers

Referer: https://gugl.ga/css/icons/css/all.css
Origin: https://gugl.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:56:15 GMT
server: nginx
accept-ranges: bytes
etag: "696ec-5ed4735471bed"
content-length: 431852

GET
H2 200 TRYClother-Black.woff2
gugl.ga/css/fonts/ 51 KB
51 KB 154ms
154ms Font
application/octet-stream 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/fonts/TRYClother-Black.woff2
Requested by: Host: gugl.ga
URL: https://gugl.ga/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 1d4d9d85b55d8468bf31debe61aad6da808ef389ec72b1e677bf68c46c867b8f

Request headers

Referer: https://gugl.ga/css/fonts.css
Origin: https://gugl.ga
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
last-modified: Sat, 12 Nov 2022 14:52:40 GMT
server: nginx
accept-ranges: bytes
etag: "cafc-5ed472875821e"
content-length: 51964

GET
H2 200 style.css Show response
gugl.ga/css/ 9 KB
2 KB 145ms
145ms XHR
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/style.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/js/prefixfree.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 89fc57e04ea47a3bb39c66fd38da7d5da9c5953e711d7ba301de06cdc08c1b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:10 GMT
server: nginx
etag: W/"636fb31a-22b5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 fonts.css Show response
gugl.ga/css/ 2 KB
536 B 145ms
145ms XHR
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/fonts.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/js/prefixfree.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: ca38ee51f6c49c0f0e89e6969aacfd7da147d9e26046e1405edb13cf39383a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:10 GMT
server: nginx
etag: W/"636fb31a-755"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 all.css Show response
gugl.ga/css/icons/css/ 489 KB
98 KB 145ms
145ms XHR
text/css 31.31.198.105
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://gugl.ga/css/icons/css/all.css
Requested by: Host: gugl.ga
URL: https://gugl.ga/js/prefixfree.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.31.198.105 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: server7.hosting.reg.ru
Software: nginx /
Resource Hash: 1a02638af64044a18e7e8489e13fd4ce0cc537e09a97ea71c416b6cd4a0f458b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
last-modified: Sat, 12 Nov 2022 14:52:45 GMT
server: nginx
etag: W/"636fb33d-7a3f5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 27 Dec 2022 15:46:15 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 133ms
37ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 12 Nov 2022 15:50:59 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 207 KB
207 KB 134ms
38ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 12:28:34 GMT
x-content-type-options: nosniff
age: 184661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211458
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 12:28:34 GMT

GET
H2 200 promotion-86991.php Show response
www.netvisiteurs.com/ Frame 6BEE 4 KB
2 KB 291ms
173ms Document
text/html 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/promotion-86991.php

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a0add16f90f3cbadc33a8374badbe5a35ef574e86404c6e177f6f179a5fe7b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7690663d3dda6943-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 12 Nov 2022 15:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: unsafe-url
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbyuUy5RZ1XckA7XuLVQ9gem5HdsOnLYy2rYQ0yesPaTXSBQH2TBTxySvFOIvyh8D5mlyOKgzymcKKkccglVYkP21mbfAPj2oS7kp0RKrLJ6UCz%2FwNEuU%2Bi5Lsqhozklk0Db0HMG03P%2FPQHXcH6mgAr%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dexeeck Show response
crypto-fire.website/mine/partner/ Frame F5B7 11 KB
4 KB 202ms
103ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/mine/partner/dexeeck
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e07c6c1175efe1e4930d6004b3cc18cd75abbcd055e6c74dbf21d473647f7c1

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7690663d1878bb4a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 12 Nov 2022 15:46:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3Fd8cyeh28LrektXU3l64M8utWT79GvNd%2BR4dCKoOz9etU2Yq9PEAlRnrNPfwwEyNgZ6g%2Bir8AbvTiUyrTP3QCTxwSjI0jf%2BOV9o4NPESjZcroUCrTYVyDuXagU0D8pHTrPfLq529iVfsRHU3C7DkK0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js.php Show response
in-surf.ru/adv/ 6 KB
7 KB 562ms
82ms Script
text/html 78.110.50.124
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.110.50.124 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: cl9-w.ht-systems.ru
Software: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45 / PHP/5.4.45
Resource Hash: 7595a51e52566e3ce271a09f54e96a0ef70601ce49f01c6a039000d235f4ec7a

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45
x-powered-by: PHP/5.4.45
content-length: 6614
content-type: text/html; charset=cp1251

GET
H/1.1 200
OK banner_empty.png
unitraffic.net/img/ 5 KB
6 KB 62ms
62ms Image
image/png 85.208.187.144
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unitraffic.net/img/banner_empty.png
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.208.187.144 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: unitraffic.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Last-Modified: Sun, 17 Apr 2022 06:44:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625bb73d-1510"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5392
Expires: Sun, 13 Nov 2022 15:46:15 GMT

GET
H2 200 / Show response
webtrafic.ru/ Frame A257 19 KB
6 KB 212ms
211ms Document
text/html 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/ads.php?uid=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 576da03605f43ae5ba24bee120e6be0cefc33a807fff45b1c94664ab5d0688d3

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7690663d0be29106-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 12 Nov 2022 15:46:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE2LfoGAhvP8InLDpm7wtizVv3dZihGXTagybi3FHqZrOWxDPBJh2Gsmh5hjLpYfkR2mt7ov6GQk4Sij%2FvV4mp9EZQdwDXO%2FzilEtWfvMJs%2FCOEEnd9oJfG8UgN4kGmE6wLf2KQvp%2BVpue0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 e9b78946ebb05e9284c7df06ab49e5d7.gif
webtrafic.ru/banners/ 118 KB
118 KB 47ms
45ms Image
image/gif 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/banners/e9b78946ebb05e9284c7df06ab49e5d7.gif
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef36d1149db269dcae3850c398c7c21e801d1e68b6c7af5fde2170354163b4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 12:46:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3552
etag: "636f95bb-1d7ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoXByZhwEHCn9s0ewUTIDrsc6pMzZJoeFOuiRBKwLL0sq49wQni12Mkq1vHgQGSzsnvTY%2BQEvv9gfyaH667mes%2B%2FixkzNAXgPGIQW5Tn5D6UoJDZM6WvZY7LLFWL2RmMupHBhPDskuSO0Ow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7690663d0bdf9106-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 120812

GET
H/1.1 200
OK fv.php Show response
468.surf/view/468/ Frame C8A5 2 KB
1 KB 55ms
55ms Document
text/html 37.1.216.156
SCALAXY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://468.surf/view/468/fv.php?size=1&ison=1&user=4480&vt=6&dref=https://gugl.ga/&scrw=1600&scrh=1200&timestamp=1668267975187

Requested by

Host: 468.surf
URL: https://468.surf/view/468/?uid=4480

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.1.216.156 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),

Reverse DNS

468.surf

Software

nginx / PHP/7.1.33

Resource Hash

7af9c4bd00f0301fea6c5f55e330d8c01fe2e65bbf30e9c27c2c8f6872730c48

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 782
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 15:46:15 GMT
Expires: Mon, 12 Dec 2022 15:46:15 GMT
Keep-Alive: timeout=60
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
X-XSS-Protection: 1; mode=block

GET
H2 200 468x60.gif
imdbux.com/assets/banners/ Frame C8A5 292 KB
293 KB 164ms
52ms Image
image/gif 2606:4700:3034::6815:5922
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imdbux.com/assets/banners/468x60.gif
Requested by: Host: 468.surf
URL: https://468.surf/view/468/fv.php?size=1&ison=1&user=4480&vt=6&dref=https://gugl.ga/&scrw=1600&scrh=1200&timestamp=1668267975187
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188eb686cb3f43df6923ef93027c80f42d03026af33dfe9512461b2997f7876d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://468.surf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Aug 2020 06:59:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1200725
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFadhRc2yjnK%2BRRaW0lVtHK4Et68tfp3NC%2FBdJF1Bl6bQLJFksQAfl8uWB7RICmd4APNlHCmnRH1bACnGcSbo%2FJZ%2FaHzWQRsgQquf2ZLpvWLUjCUUqb4koZUMCjdFjfVJLdmDH0cYzv0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7690663e4a7e912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 299494
expires: Mon, 28 Nov 2022 18:14:09 GMT

GET
H/1.1 200
OK icon.ico
468.surf/img/ Frame C8A5 1 KB
1 KB 44ms
44ms Image
image/x-icon 37.1.216.156
SCALAXY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://468.surf/img/icon.ico
Requested by: Host: 468.surf
URL: https://468.surf/view/468/fv.php?size=1&ison=1&user=4480&vt=6&dref=https://gugl.ga/&scrw=1600&scrh=1200&timestamp=1668267975187
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.1.216.156 Meppel, Netherlands, ASN58061 (SCALAXY-AS, NL),
Reverse DNS: 468.surf
Software: nginx /
Resource Hash: 94bf0ccb8d73cf9803956c9e069a89e8b470b3671e903591f4259008afec7ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://468.surf/view/468/fv.php?size=1&ison=1&user=4480&vt=6&dref=https://gugl.ga/&scrw=1600&scrh=1200&timestamp=1668267975187
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Last-Modified: Thu, 30 Sep 2021 10:56:17 GMT
Server: nginx
ETag: "615597d1-47e"
Content-Type: image/x-icon
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 1150
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 font-awesome.min.css
crypto-fire.website/fonts/font-awesome/css/ Frame F5B7 23 KB
6 KB 103ms
50ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 16:00:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77318
etag: W/"61606b32-5cbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ic0PVdZnaqU7f6ZmJzZjuWDOlgRDICRijelgrwm%2Fi9QPxBAG8kZ2PfSEoC0YED4d8xqrHc4u9ipJfQzc0YXal0O6k4V0D%2B9KAJFj3ZaC4nU037UGVLNADwgzOTqxWhTn52lknQPgfMpTudJ6osDnLIZL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7690663fad2a90af-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H3 200 style.css
crypto-fire.website/css/ Frame F5B7 7 KB
2 KB 104ms
53ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/css/style.css
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8559c828ef9ff57ce9858747f4cee96bbef1b556d1bed76663f91211d69be09c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 13 Feb 2022 18:11:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77318
etag: W/"620949d3-1d8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ly9KzCAoHgcOVByQU2%2B09fAZ9TicT5cCAQ3gtJ3MjJIc8etfbLDW99dUJU2ViKfFMz3RotIIk54nqECEtJ%2BdQs%2B%2Fp2m1I2dYd7yIb4AeLO3Dl%2FPso7qDlKF4HA37cPOhFExpG4Dme739J3sMazfxAyQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7690663fad2890af-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H2 200 jquery-3.2.1.js Show response
code.jquery.com/ Frame F5B7 262 KB
78 KB 2828ms
2585ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.js
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-41707"
vary: Accept-Encoding
x-hw: 1668267976.dop226.fr8.t,1668267976.cds124.fr8.hn,1668267976.cds221.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79082

GET
H3 200 noty.css
crypto-fire.website/css/ Frame F5B7 18 KB
3 KB 105ms
52ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/css/noty.css
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7e3e1289103a8df5fe67d381fec0db46a27576a535c6981e19afb3d9de527fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 16:59:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77318
etag: W/"6172eddd-495e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUJrVeX0XytoRnZKfUUsnUNpRMaeUP41JA%2BOoCS1lyNHATtjc5VIH4LUDXcri2ytKn0iqhI5A9I5%2B01P9LmizNCqORdRG5a8suxM4qK9aSmk7AqeMhFUZJq7za1ahe39TC%2BJIyjBgDtWcwJxGqN0mZ1G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7690663fad2d90af-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H3 200 animate.min.css
crypto-fire.website/css/ Frame F5B7 52 KB
5 KB 139ms
87ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/css/animate.min.css
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 17:22:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77318
etag: W/"6172f361-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxcluQGOxVXG%2BVWfFYablRstcrcE%2FY%2FV8nP3X0A22jXcA%2B%2FOOjwF0JPMoVK63z%2BZAuE%2Foahq6CYv5obVliRahc6Ga5PmSYC4pnLbh8XhDM4hJfTXnwAFqx51jWw%2FQqunaWCLYiEURAne4rf73d%2BBbQwV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 7690663fad2f90af-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H3 200 noty.min.js Show response
crypto-fire.website/js/ Frame F5B7 30 KB
10 KB 140ms
88ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto-fire.website/js/noty.min.js
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3c4246aa42f5d76d523162099fd39b28a648c50a865c3d71a68ea315df3616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Oct 2021 17:24:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77452
etag: W/"6172f3c6-7909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0VvSVECwB2StzbtyGNlof%2FDY4kadzSC6KWP%2FPdTb2y4d6EVDu6hzukY5zKV38UZsc1Csg%2F4agltccHcMqR1SQJ0EIL2T3pcsRBILS4nH0QXa8154nqI1QPsyiCsN0L9lR8FaQcSRlyPt8m%2FI3lCFVR4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7690663fad3090af-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 18 Nov 2022 18:15:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F5B7 166 KB
54 KB 173ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d59b5e5b5a65e098c00a1c63d72ff470567e784fd2303a4eb73daff749dbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55084
x-xss-protection: 0
server: cafe
etag: 7083415191737086968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 15:46:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F5B7 211 KB
75 KB 138ms
55ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DK2BL5MDMQ

Requested by

Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4631f730fd5e1de10c2c0d9ca47a904bba3ea49992a1660c5de8227a3d7e12e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 12 Nov 2022 15:46:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F5B7 166 KB
54 KB 139ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493

Requested by

Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195f1be8beee0dd767c26cd69f138e294b163b7c1f7dc3127f7c3a9c590618b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto-fire.website/
Origin: https://crypto-fire.website
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55067
x-xss-protection: 0
server: cafe
etag: 6376209396933103620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 15:46:16 GMT

GET
H3 200 88.gif
crypto-fire.website/ Frame F5B7 78 KB
79 KB 53ms
53ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/88.gif
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e84faefaf7324312620feaecb1cc52fdad0b870ed79e0e1fca8179c18555330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80373
last-modified: Mon, 01 Nov 2021 13:25:24 GMT
server: cloudflare
etag: "617feac4-139f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQMdSSuJiOfTae%2BdMrQGW9xM6tLqrusyIdafzNSCvV1QxS%2BkPIf66S82O%2BV67vjGjwZEDxi7HpuEerEgsaZNtl9H2lP64JPykANsq1yDgYfRDwT2VCO3bjx1hpAeXFLGuR1UAGjFOoORV4vmNXC0e0Hz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906644fcd590af-FRA
expires: Fri, 18 Nov 2022 18:15:24 GMT

GET
H3 200 728.gif
crypto-fire.website/ Frame F5B7 295 KB
296 KB 49ms
48ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/728.gif
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0e08e64ac34d8a6b70a3947a0c231dbc7e6413ab4ef8e62903be8c399ce00de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302355
last-modified: Mon, 01 Nov 2021 11:03:29 GMT
server: cloudflare
etag: "617fc981-49d13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agOw4CesTBZs5CBW2k5q95NGqS2qRCXA%2F5KnGkXo3R3sH2519nVNYG5gEbgXltyeuigCEZfLV6Eom3QfRWb0itAC52fbRl%2B8v64AmytXtgcKLAniJ7NP7JZU5uoTcLx7u4w8rzNQgcwBlfD28zmG0w0u"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906645de0390af-FRA
expires: Fri, 18 Nov 2022 18:15:24 GMT

GET
H3 200 logo.png
crypto-fire.website/img/ Frame F5B7 62 KB
63 KB 46ms
46ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/logo.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d1b840ecfcb4410e64b8b12fc64ad943b7ce0ffb8e651764c91e1844b6bab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63919
last-modified: Fri, 22 Oct 2021 12:27:30 GMT
server: cloudflare
etag: "6172ae32-f9af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIxB4cVtrvX7UfQ66nSEy5WYZ9W3lEq3hxGtIOhjqreWnMHgQVn%2BzqjHiRL%2B0rGShVR95ZKmgodO4UkTi1T8vPeydUvT%2Bx%2BhM1RWaJRaSIjLICEs8KIOGFG7f9xTGxHb9NKp15nqVG6mLVItQ74jTWzz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906646af0590af-FRA
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H3 200 st1.png
crypto-fire.website/img/ Frame F5B7 4 KB
4 KB 52ms
51ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/st1.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec986873120c2a9b681c1c8d94d0ec03cbb49f11a70e6e1835572ed8959392f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3920
last-modified: Fri, 22 Oct 2021 12:55:44 GMT
server: cloudflare
etag: "6172b4d0-f50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LHaUuzMmkk3TmQ74IfO7P%2BtmDeXVjeFOl7BjYkpdsOKWaW0HkQh523VWTochh534awCfc7SkPhrObPLPUnUugK4V6J2zKLzf8C4LiO1idJUnbobp1a1jHDNh8q%2BmrgeAjcGr2%2BWOXOsG65M5fqdYzgp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906646ff6a90af-FRA
expires: Fri, 18 Nov 2022 18:17:37 GMT

GET
H3 200 st2.png
crypto-fire.website/img/ Frame F5B7 17 KB
18 KB 47ms
47ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/st2.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add2b51573f21ced2f52bc8c0fdcfabc12b1dc44dfe3af0337d6f21b6ef90b45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17444
last-modified: Fri, 22 Oct 2021 12:55:44 GMT
server: cloudflare
etag: "6172b4d0-4424"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLKIt8%2BEz0mZ5BKZzlmsqc4mcRY1cQV462pVEnJLQMOkLnkmUsRQWdGmFs0i5glAA3ZuCexgImfb2uBFAYUXOjTKPHmhkg6OF7zN0Yt4ns4OHnP8lYtmhgw0SkPY9UyPNiFO6HX8xIKLgQEydtV9wxph"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 769066474fd390af-FRA
expires: Fri, 18 Nov 2022 18:15:25 GMT

GET
H3 200 st3.png
crypto-fire.website/img/ Frame F5B7 14 KB
15 KB 50ms
49ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/st3.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e4ec5af902fd16d7f68ce095f53bcf489ee83ea9569f9fb3ab905afdb500f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77318
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14542
last-modified: Fri, 22 Oct 2021 12:55:44 GMT
server: cloudflare
etag: "6172b4d0-38ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLWQ73PKJ%2Fcpt9SHbO1sxTNo5YloF25A7H263xXYlHMHLYCOVraBHgdSsqdrdzXmnz9zF%2BXlG4PPetkVD2s%2FY0Y8xvYsCUFfCji%2BD9OsgPRY3jz3YBCYcjOhyhQ0tTPW8hpNSJRmyka9OzDU3sDBWxmG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906647983d90af-FRA
expires: Fri, 18 Nov 2022 18:17:38 GMT

GET
H3 200 btc.png
crypto-fire.website/img/ Frame F5B7 26 KB
26 KB 65ms
65ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/btc.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4cb710135307100f2c6fb1314fbf33d24ed6076fc39c8009ed70b3e561bab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26278
last-modified: Fri, 22 Oct 2021 13:53:20 GMT
server: cloudflare
etag: "6172c250-66a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2eKtt6hl7Tz19PkxmOph9vk3w4fUwHZlHa83hVlSb6rvc2t32ATS1CW8xrmTF2jzlEKXory4BV%2FhFLXEZ89dEv8kdAkQ8M%2FJGqC9TnJN8WQ26GtGbpTUiNV6pQ6aUSN3MkYbLCxqFXo1TtPDdRao1hy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906647e8be90af-FRA
expires: Fri, 18 Nov 2022 18:15:25 GMT

GET
H3 200 eth.png
crypto-fire.website/img/ Frame F5B7 25 KB
25 KB 51ms
51ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/eth.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bcb18dc726fae16367b930f8754fce02b2545e68fb8f956bedff90acc23cc69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25116
last-modified: Fri, 22 Oct 2021 13:53:20 GMT
server: cloudflare
etag: "6172c250-621c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtTRGTUDBL%2BW6hygwoPD0h53u3barOiv0qBDTb%2Fj27CR8tfw%2FEUZUUzj1H4kt6UPzHclYtDAYFY6vkmHFK4%2BrIEOmK%2FBnbxCTkjn%2F6QQijjtcBkx%2BNBtzxrgeA0VD2b4%2FjRFAWc3tP%2BDZub9I1BlrAQ1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906648595190af-FRA
expires: Fri, 18 Nov 2022 18:17:38 GMT

GET
H3 200 doge.png
crypto-fire.website/img/ Frame F5B7 25 KB
25 KB 46ms
46ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/doge.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fdf6d2b825d6869430ec46c51bad520f1770f6e57fa1e39a69356bbfeaa4ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/mine/partner/dexeeck
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25495
last-modified: Fri, 22 Oct 2021 13:53:20 GMT
server: cloudflare
etag: "6172c250-6397"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vt0%2B9f2Y8ICiIQbL7W4B5TOTlCzk4WdcEOq8mowx%2BTu%2BoHS1%2BDh8bmUharI%2BUddMF4A765IUUpp4CmAAhhTtAiMXntuPEH%2F0evNyIohHsUGuBlKIFw9x776hZvNhTp3TOq81KkYGfG7MvHUUvhuSkIyF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 76906648a9c490af-FRA
expires: Fri, 18 Nov 2022 18:15:25 GMT

GET
H2 200 bancode.php Show response
linkslot.ru/ Frame F5B7 14 KB
5 KB 203ms
97ms Script
application/javascript 2606:4700:3034::6815:4e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkslot.ru/bancode.php?id=344031

Requested by

Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4e27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22581bb16889cbe9784dab793764875d07145e5aa53c8bc9466e646427354ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsMRsJ%2FIRhvd8qDHV%2B0m7zTEbno9jascMrjuFQqu31ytE4sXTstIC8j83GHD9cS4yDjTW19yNsCTKwgbmrIQGnVgeazvow6jRSUSaNlE66BVzPfe9d20IKVVoKLF8ByzfW98%2FrwBAke0hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 7690664a0ff7716e-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
images.weserv.nl/ Frame 6BEE 11 KB
12 KB 151ms
50ms Image
image/jpeg 2606:4700:20::ac43:4453
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=nouvellecommunaute.com/images/banners/Nouvelle%20communaut%C3%A9.jpg

Requested by

Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-86991.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4453 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa9831bf50f3196bb99e0b2bd832e7f9cd770683e149c02d07543d167b48552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.netvisiteurs.com/promotion-86991.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-images-api: 5
date: Sat, 12 Nov 2022 15:46:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360041
x-cache-status: HIT
x-upstream-response-length: 37277
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11418
cf-bgj: h2pri
last-modified: Tue, 08 Nov 2022 10:47:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvW3FQIMKOAXButJZqfkxGwU%2FAVne8yZCf88ARTz3wEPG0K44JwFk56bMLHe%2FB0MnOcbG0E1qv9v0BoL%2FNqdkj%2BZn3IZAwIOBREtb1GpkGVc%2BV0l98c0f7IFSuUOdLCTR0Qj2y0m16NWd%2Bcfflo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://nouvellecommunaute.com/images/banners/Nouvelle%20communaut%C3%A9.jpg>; rel="canonical"
cf-ray: 7690663fff79bbe3-FRA
expires: Wed, 08 Nov 2023 10:46:51 GMT

GET
H3 200 rocket-loader.min.js Show response
www.netvisiteurs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 6BEE 12 KB
4 KB 88ms
42ms Script
application/javascript 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-86991.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.netvisiteurs.com/promotion-86991.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Nov 2022 12:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"636ba270-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8TNdVnvzi5MoLhaw6tifQLy7JchEvzkGdx7S1KQNqAXYWhKJSgW11TjMQytaLyHz3ZbyJyz5FyZez5invnyRmub3sBIAi3lmGiVpf7lOG%2FnEOybpm0ADXLG890J6iHBOBGBMl1IqTOkMYIGNNKizBzF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7690663faeff6933-FRA
expires: Mon, 14 Nov 2022 15:46:15 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 6BEE 17 KB
6 KB 268ms
179ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/promotion-86991.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.netvisiteurs.com/promotion-86991.php
Origin: https://www.netvisiteurs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 769066401fea9259-FRA

GET
H3 200 bootstrap.min.css
webtrafic.ru/bootstrap-4.5.0-dist/css/ Frame A257 211 KB
28 KB 88ms
88ms Stylesheet
text/css 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/bootstrap-4.5.0-dist/css/bootstrap.min.css
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924845387eba579eca9654fc44463904ae1b1d8e41b26586734f2b87a8ae664d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Jan 2022 10:25:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6353
etag: W/"61dab80a-34bac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSFfRW1GyQbtEGU4r2XNY1HHhPENx5vvuNqgMz5LdSBxGQPDo0IYMiNQe1nAr6qeyB6JTbwqkYmA6gk8ZqGwv6dufEWcJy0w%2F0zSmfQSJS%2Fj0la%2B3PPaTJKN35C6b6tUvkyj7wdIsjp7T8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7690663f6d11bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 font-awesome.min.css
webtrafic.ru/font-awesome-4.7.0/ Frame A257 30 KB
7 KB 49ms
47ms Stylesheet
text/css 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/font-awesome-4.7.0/font-awesome.min.css
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a21a45666b6f49e755d4531a26979916ae3860583b42a56c97b4ccd85fc0419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6353
etag: W/"604e1ca3-7912"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWFjLL1IAECTm%2FECPC2bLOZYGHCFa3ncasSVXLwV%2ByeWFRcFzuILr8D3%2BKEvG4vuhFk%2BW1i4F4moe3ZWjlsAjzsb01rOinhaBE6DzZJKWaUICDbWafkhYDwS1ZcUh9xG%2BGfSsxGLNCCx0Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7690663f6d1ebbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sfs.main.css
webtrafic.ru/css/ Frame A257 19 KB
4 KB 133ms
130ms Stylesheet
text/css 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/css/sfs.main.css?v=17
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d0a1834bdfe11c9b86dfdd65c16d8134ae8b3bdb0cedc2ae4207b521f03fd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1723
cf-polished: origSize=24226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 10 Nov 2022 15:14:57 GMT
server: cloudflare
etag: W/"636d1571-5ea2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD%2FEjDVz1zJB5bhCBXxv5vXX2EqsbrNZhWdOqo9yOeup%2FY4kx2O67np%2FVarWohpCZo%2FtXI1SWIpUMIvBAFIR6kf2hC2CifE5uojKk%2FLCtjZLPhkmbJ7UWVED57mgag5kvbZNvVAYsvrBPv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7690663f6d21bbd7-FRA

GET
H3 200 jquery-3.4.1.min.js Show response
webtrafic.ru/js/ Frame A257 86 KB
31 KB 133ms
131ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/js/jquery-3.4.1.min.js
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6345
etag: W/"604e1ca5-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkqSn0brlBMQYnghRTYpqjf9viFn6XQH2ExmOERKE%2Fv9%2FSXWsNVitaqOQJVDkOFckRF%2Ffdu33QkB5wjq5PVQIGU1%2ByaWVpWg9Ey53ZEMFevr9a7UQTLvClokmn1bUBAZqoWe6gH5BGIwvUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7690663f6d24bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap.bundle.min.js Show response
webtrafic.ru/bootstrap-4.5.0-dist/js/ Frame A257 79 KB
22 KB 170ms
168ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/bootstrap-4.5.0-dist/js/bootstrap.bundle.min.js
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: W/"604e1ca2-13cbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRrYyTG6JSqPZ5Ug%2BpbgbAuo4YvfnjDO%2FbXCkVCbfEnT864PlRB3fdYwUzRc3oLcrXqyi3LNroyz8f4pa4k8n8Ug4PLdQkwML%2F4SfqiD8OksYx4Y5Vz3FH6QYFyqzHohc9aD5IUmnlUoiQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7690663f6d26bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sfs.main.js Show response
webtrafic.ru/js/ Frame A257 12 KB
5 KB 49ms
47ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/js/sfs.main.js?v=28
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 128e3065a4f39914c4110615426f8783b0f76f06514f9d5d9869e137dab06dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6274
cf-polished: origSize=27342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Oct 2022 14:58:46 GMT
server: cloudflare
etag: W/"634ebf26-6ace"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OYenYSoItt%2FfQ6la74V1Bpy0p1oKEXFzzF1IFIYpnS%2BoIU5j5TX73SzAtYEJo%2BaLXmABA74nyLtHMW7Td9DjxGaxD4uMOwlw32%2FNJibEkbnUtQ1kt884Tm5Is9Mc7s0ZpCh2wCh3Gu%2FUF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7690663f6d27bbd7-FRA

GET
H3 200 jquery-ui.min.js Show response
webtrafic.ru/js/ Frame A257 22 KB
7 KB 172ms
170ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/js/jquery-ui.min.js
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01892468d17dd0e7d8e1f4725608488b8f11b25ae4c63640c3efc74dea845e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: W/"604e1ca5-56d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WcjwfO%2BcmXh3e2FnWKWuFUi9lSjkolx0vJigr1fjhWBWu7iiJPwo81dyz9BnCuy4RJSPB1pVpT4YJ46gvL87dmFCtS1NrHxbZEOp5Y6TJZXHo9euFjY%2FO4QFMtAe41QxiKUhPGef1yKdJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7690663f6d28bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-ui.css
webtrafic.ru/css/ Frame A257 16 KB
4 KB 172ms
170ms Stylesheet
text/css 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/css/jquery-ui.css
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f2ad3667151fc31d5de0670357709153ec32b29eb9fa3be061a398dd2cf01ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6353
cf-polished: origSize=19750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
server: cloudflare
etag: W/"604e1ca3-4d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Oq5UNKqfKmRjhC%2BtY8N4ZRFrbkgIYKp6u%2FsVmiRCdFSdK7RxHFeo%2BMoxZxAHpkSmL4kjSmgZQdzkmT%2BAOKi4eC0ebhIV7HdHB7nvmQmHhMc3A1dHuQSB9WqIu4TuIu%2ByBboHxKttBpp%2BaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7690663f6d2abbd7-FRA

GET
H3 200 socket.io.min.js Show response
webtrafic.ru/js/ Frame A257 63 KB
16 KB 173ms
171ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/js/socket.io.min.js
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c0ec901a63dcdf295fe43a8d2cfb39a52694971e94a76a1a230e9125ab0cef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2022 14:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: W/"63482728-fbf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxjCJRpnb6IPqYITNsTOh2YFpPP9f4LKM%2BA2b%2BrG3lv6LTgdwCxMBlhjYjIxZt66E5WXR2EAx7%2FpUp2U7qLnZp3NI822D7Jc83EV7X1JQWTj0%2BVfoqvDkBEpAsdOLOJ5%2F3hyPwJpiU94o7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7690663f6d2cbbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame A257 2 KB
2 KB 141ms
61ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20574
x-jsd-version: 2.2.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbcJc%2F6gV5KRLg9e6womx0Q1FkBRMbq2aL%2FpT5dqQs%2BZbcejHj%2F0xwkmhY%2BOgYR9Nln4KFIylSYtFj2KxT9z1mrN1ynJzrATrUR%2BfowatyQ6cV047V8ZSIb4Kn94IH5KpbV1YSa5svgCAsN%2FzLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7690663feead926d-FRA

GET
H3 200 google-translate_1.js Show response
webtrafic.ru/js/ Frame A257 2 KB
1 KB 174ms
172ms Script
application/javascript 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/js/google-translate_1.js?v=1
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd69ff752df3dd6dd75cb0f3a297aaa20a1bc062fd04b02824783310b3697b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6274
cf-polished: origSize=3748
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 14 Mar 2021 14:24:37 GMT
server: cloudflare
etag: W/"604e1ca5-ea4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47imSVuApFY4OjvBNlMBB%2FMCYcYTbWD1JV8zkzjnWeYSQRikasG1AlMfMEDV7PUfNlFDdDhLSibUmBaBXSejbLfzBnErllN3lIOufxwk4JjK3pdNTmPS3B9m8fIQ75biPmOrOsjAq0yQqN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7690663f6d30bbd7-FRA

GET
H3 200 element.js Show response
translate.google.com/translate_a/ Frame A257 76 KB
26 KB 133ms
55ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb027c263fc656814dc3b559851da7e9ef7efd90b5266a893a2ea7025941fb29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 language.css
webtrafic.ru/css/ Frame A257 1 KB
902 B 174ms
172ms Stylesheet
text/css 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafic.ru/css/language.css?v=5
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d93873a4cc0d80509412a8b875f3c5249c8c5ed84105e0f8275fe7a7dfca0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6353
cf-polished: origSize=1575
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 24 Sep 2021 08:50:19 GMT
server: cloudflare
etag: W/"614d914b-627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vo8SXJSh5KgSJswfzgPQub14UvnStxLdS4QqgwLCx6nPu6qul5crWtKXnJKR2diG%2FCF2BX0q9HjRrUQAR3cX90c5jFfS%2Bk4Gr8NeqEoPbuvpd%2BLUQkI74xzQu5qYbVx373agcTespZGzxDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7690663f6d31bbd7-FRA

GET
H3 200 lang__ru.png
webtrafic.ru/images/lang/ Frame A257 899 B
1 KB 47ms
46ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__ru.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-383"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNi2h0Ezu1dWGEpVFZ7aDhB494vHOaZzdP%2FsIZH8VQprJr7Um2L0xRUh73OKib84aASteQ74YbkWoUv3NdADovNetgV9Pqspux6CMuyZg45r5q86zKgOwjMUMJdiPqIg8NY0KW1xPJ%2Fhls8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640a881bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 899

GET
H3 200 lang__en.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 64ms
63ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__en.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6320
etag: "604e1ca3-4d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldhKNBsMWidavlAksWwxakWewn3hpRnGS5wWA0UbQ90ngYuLw3RetJ%2FG%2FMkCsxNcQPnbEwTbaowVsEChZstCpxjOf6SS3DJAqrM%2F%2FrmYQxSEIcBuiVHNtj%2BzzlWHLv%2BCgb3%2BIpuYnXLCPCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640a88dbbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1237

GET
H3 200 lang__de.png
webtrafic.ru/images/lang/ Frame A257 302 B
782 B 50ms
50ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__de.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-12e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wYw8qI4vk2ZCPK6F4mHWwfUQTUF0n6%2BGdArePgkXUn4OIoBCoDfKVMziJEqrlF7Y3xYTeTtkp%2Ffk5CcJC%2ByNNX0L6ahTzsHPS%2BVLjzDPelK4ZWcoX7wmP8bd7z2czO1ggPouMhNsVBi1mE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8b5bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 302

GET
H3 200 lang__fr.png
webtrafic.ru/images/lang/ Frame A257 286 B
766 B 57ms
54ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__fr.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4352a0d79f1614b5b6cd1ecf8a90b0e1463fab675f19877bd79f934144df9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6336
etag: "604e1ca3-11e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkURdmVcJutHYUxgS8oxjjXc4xf2%2FVY4GkuxKPTrA0sb9vnAddz%2BCWkSLUTEprbLDuPpaKwkQa5lkhRNtqVqdm74WHJ%2F8Ok48bV5wCbO3UXg8TWc1ASMnjVSJWIAeCKk4rpCrmM2zSGj5ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8b9bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 286

GET
H3 200 lang__pt.png
webtrafic.ru/images/lang/ Frame A257 2 KB
2 KB 48ms
46ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__pt.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51c13c97400af32f974e0b5c938ccb7e2af6a7a59205c61b3ac34baa66f20258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-62d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOpkEviXZN9RatB9SnKuzZnmAncHTnXSQ2XV3xhEq%2BMLKHj%2BfdqNDjID%2FneoKqKxEmMFAyyfktmcMczo%2FzNAYVA%2Fby8aUYCZQzEGP%2BCLBqKo%2FqUyMhXMEVaYeRwGqgGGBy52V4LvJNWwyzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8bebbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1581

GET
H3 200 lang__es.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 47ms
45ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__es.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-551"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnCCMpvJ9K7Z5SsIrhb4%2Bl3%2FV2KgM%2FrPEj7mFREiShjnKWwUQBJe464%2F2or0eyT7gwWFTZ4w2pSQhwK89lHJJpVG0H%2Bvnf5RubpleymMzrmqAVNghsV3r1a6AeTHM2LWg%2FqFgdSU9sLFkLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8bfbbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1361

GET
H3 200 lang__it.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 58ms
56ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__it.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b636caa73945fb1e0091ac1d7358b6bc1c437f10727ae2a32b00c599dd9c82e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-542"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkJsiqQeVki%2BDXwnxchKhKmz9arYSeDwb3CPuMoTKiqu2Ao7O5K0M4Zxpy%2Fo8EFI9iEB6WwbEmg4%2FlNZwPdKfCnqSxxVFbzkOUrHUY6%2BE4SQX%2BGmnonXdfh7IB5wV0yIQd1OBXO9wycdGiU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8c1bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1346

GET
H3 200 lang__zh.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 54ms
52ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__zh.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b585ea7c894c20dfe06b0482d86ead523f772a38318c1607886b21e972d5a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-521"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DP52Nl5niwFkikL3wXJ1UNUvdM%2FQBWcVVFrrMkuSk2WBh5Wx%2B852Ig5Qe7QGDQaTFAX1SUEIHLto4xB6GfGkj%2BKAU678vyynhw1GbjpKskRbb2rt1DUKJwawPKgp0pXXhrvHu0JySIEaAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8c6bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1313

GET
H3 200 lang__ar.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 57ms
55ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__ar.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1566247e66b46645c1bf31aa31efb5d2d5c12395a9ac5d48466bb66db8ebf67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-4c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18uVquCHKstgzQtnctm%2BDX6OcC9mWvc0Gjt93eVSm6Jm%2F32nJoDOD5W0AdHNirL5KP2Il9cgZ2xMZlgzfhOblDuwVM2WpAqDqCY1RcsDngvO5zE6bYlArazSt2Y8QnCQg7PFE12oUfZcwvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8cabbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1217

GET
H3 200 lang__nl.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 53ms
51ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__nl.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b75bf36dbe5c5831874eefc44dfd61f204b664e9146e43e13bda7997fe8fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6273
etag: "604e1ca3-4ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG2ST9bPKQzYqG3Sn%2FHqXTvZbwYnmM2UlkKVexAd0ze9Vx%2FCBlJEBQa0HmBhLRN5fzolYgnVQr%2Fm8sh1jiNBssMeIE8h0T3jCdHLRmsUM%2Fr%2Bw%2FvqYLi6ILL1Twyvl09DqI7dET191UDjkJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8cdbbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1195

GET
H3 200 lang__sv.png
webtrafic.ru/images/lang/ Frame A257 1 KB
2 KB 51ms
49ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/images/lang/lang__sv.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7546f4a0d26eb4f5b653ce957356380849d80382a4cdb7521cd9923f05b87286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca3-4f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVyiGyDjbYDEfORB5eMz%2BnMrTGbTz8NWNWEcEdSEdfD9%2BIOIjIknjtYxQPxmx8LANAoirvVSTrk3vTLdINdtF1ICmqyg4%2Fs5Vge9SDz4byAfHbou46pbaDlg6qlpzs%2FdrnRlo6qtffqBkUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8d2bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1264

GET
H2 200 2_0_FFFFFFFF_FFFFFFFF_0_visits
metrika-informer.com/informer/70669177/ Frame A257 1 KB
2 KB 276ms
85ms Image
image/png 80.239.201.105
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrika-informer.com/informer/70669177/2_0_FFFFFFFF_FFFFFFFF_0_visits

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.105 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

80-239-201-105.teliacarrier-cust.com

Software

Resource Hash

9131aa7163d473e8bb424b2ede1e75f6d6d7d8b863dbdd4381d599782a649a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1472
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

GET
H3 200 payeer.png
webtrafic.ru/img/ Frame A257 2 KB
2 KB 55ms
53ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/payeer.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff340ae0c91f3035c09234cccbe13f68abe1fd755ceee4ffda70f0ff5999ad3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca5-645"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7asR5RDiMRCClU%2B2IiCYjr4qQS%2BKZnu7UgsEhEg0THR%2FE0rBpGGQ0raSNi11AvwJtIyTyKMIXm1r3AmKsBrWC1ld8xfq3Ax8wzoZRzGzUjaWoPLoID1IOzyBKCDyRe2GSeiYb9WkuIh00wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8d3bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1605

GET
H3 200 yandex.png
webtrafic.ru/img/ Frame A257 2 KB
2 KB 53ms
51ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/yandex.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e95e60f535db661aca0ed20f92e13caa9212e2909d39cd9724aa749352d218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca5-770"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GGuX66E42MPQdppBmzBszZ8xdg7rAnHjPVMdUUhpl6HkPKwqA72xVzFG7%2B7itazFyUkr%2BXaoB8V01WSXXCYmUdOz9Qrtgu5JjmAfjGIeJbF5Fy1aWpLcAPX4M1tSCY2xpDBriVReWt%2Fc3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8d5bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1904

GET
H3 200 btc.png
webtrafic.ru/img/ Frame A257 4 KB
5 KB 53ms
51ms Image
image/png 2606:4700:3031::6815:17b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webtrafic.ru/img/btc.png
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:17b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e7035d933d7c570cf42224487bae8688355c6ece628239bf5743b388f5a31c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Sun, 14 Mar 2021 14:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6274
etag: "604e1ca4-119b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPQeM24niaZvFY8r0d%2FlinH%2BATvb4moSAYC8IqQgo%2BfsZxnxvmblklHVrVgvBZLHEBHsuHmvfWNLGjC%2B8b7LPh5HNLGizMjcDUm22LVMjdoQq7dsf4CtfZIwOeuelHlCHhRYm50VE5RbDXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76906640b8d7bbd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4507

GET
H2 200 css.css
in-surf.ru/adv/ 505 B
765 B 82ms
82ms Stylesheet
text/css 78.110.50.124
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://in-surf.ru/adv/css.css
Requested by: Host: in-surf.ru
URL: https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.110.50.124 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: cl9-w.ht-systems.ru
Software: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45 /
Resource Hash: 7a475470de2974eac0e88b4374a94de32952dae8eeb1553b14091a045667a3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
x-cache-lookup: MISS from hc2.hts.ru:80
last-modified: Mon, 24 Feb 2020 10:34:16 GMT
server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45
etag: "6fc288a-1f9-59f4fe9b8fa00"
x-cache: MISS from hc2.hts.ru
content-type: text/css
accept-ranges: bytes
content-length: 505

GET
H2 200 iframe.php Show response
in-surf.ru/iframe/ 0
145 B 80ms
79ms Script
text/html 78.110.50.124
HOSTING-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://in-surf.ru/iframe/iframe.php
Requested by: Host: in-surf.ru
URL: https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.110.50.124 Moscow, Russian Federation, ASN12616 (HOSTING-MSK, RU),
Reverse DNS: cl9-w.ht-systems.ru
Software: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45 / PHP/5.4.45
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.45
x-powered-by: PHP/5.4.45
content-length: 0
content-type: text/html; charset=cp1251

GET
H3 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame A257 18 KB
4 KB 112ms
37ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 12 Nov 2022 15:50:59 GMT

GET
H3 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ Frame A257 207 KB
207 KB 114ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 12:28:34 GMT
x-content-type-options: nosniff
age: 184661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211458
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 12:28:34 GMT

GET
H3 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ Frame A257 210 KB
85 KB 104ms
62ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2aa593046e7ccafdb3f6b20df74c3aec1db190ac849308ddd738b3bb7d8ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13549
x-jsd-version: 1.248.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19157-FRA, cache-yyz4582-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"346fc-af2z7qF2rEuERVVyudEDx70SML4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYfY7cZ84lXSj1RBSunTo%2FkwtsMnJVriWCoCYeTd5pXWC2zlXkfAhiSkP34bxkLVssjcA1Yhy%2B5En8JLW3gbSUa0QTTyjE1RUQQc0ERrh4dZbqcHTnLQm0d59qkXt9Jo3VatJWngXAuNonAjDAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 769066410cd26945-FRA

GET
H/1.1 200
OK / Show response
payeer.com/ Frame C030 621 B
880 B 216ms
48ms Document
text/html 149.202.17.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://payeer.com/?session=2103954
Requested by: Host: webtrafic.ru
URL: https://webtrafic.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 149.202.17.208 , France, ASN16276 (OVH, FR),
Reverse DNS: node-9.1-208.17.202.149.vistnet.net
Software: iCore Proxy Module /
Resource Hash: 301646e034a84ff26a060ec867ebbf7c6eb8e799598804d7a6cb47869307176a

Request headers

Referer: https://webtrafic.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 15:46:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: iCore Proxy Module
Transfer-Encoding: chunked

GET
H2 200 2081947 Show response
acceptable.a-ads.com/ Frame 3660 25 KB
6 KB 172ms
54ms Document
text/html 148.251.233.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/2081947?size=Adaptive&background_color=f1f1f1

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.147.233.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

7e77deba5346846ca4752d17d4e4a8da3406562af2b78602ab77e453435b21fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sat, 12 Nov 2022 15:46:15 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://gugl.ga/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK banner.php Show response
regionads.ru/js/ Frame B7F8 2 KB
2 KB 118ms
117ms Document
text/html 188.120.236.88
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://regionads.ru/js/banner.php?id=840&f=728x90

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

viktor13kuznetsov1.fvds.ru

Software

nginx/1.16.1 / PHP/5.3.3

Resource Hash

a3836dbed7ddf5209c3d461ac9247a80ebc5a5a38e9d1b2a8987943475471ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=windows-1251
Date: Sat, 12 Nov 2022 15:46:15 GMT
Server: nginx/1.16.1
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
X-Powered-By: PHP/5.3.3

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 410ms
183ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11ef4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73460
expires: Sat, 12 Nov 2022 16:46:16 GMT

GET
H/1.1 200
OK 0_1639812004.gif
regionads.ru/images/slider/ 50 KB
51 KB 156ms
155ms Image
image/gif 188.120.236.88
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/slider/0_1639812004.gif

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

viktor13kuznetsov1.fvds.ru

Software

nginx/1.16.1 /

Resource Hash

a1dd2ba9bd158eea8052adb66f89d9ca4fc251c16ae615c4a35db82bd5dbdd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sat, 18 Dec 2021 07:20:04 GMT
Server: nginx/1.16.1
ETag: "61bd8ba4-c8ec"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51436

GET
H3 200 translateelement.css Show response
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 113ms
37ms XHR
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: gugl.ga
URL: https://gugl.ga/js/prefixfree.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 14:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 12 Nov 2022 15:50:59 GMT

GET css.css
in-surf.ru/adv/ 0
0

GET
H3 200 invisible.js Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 8776 39 KB
17 KB 53ms
53ms Script
application/javascript 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7690663d3dda6943
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a486c18a0db283dcc983c3c02abda0d240dba879879968ecb50dc8e46d4a15b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3%2BYFSGLOgy9m9HBg5GQgJvyrY3XUR0hcXIUHe4Lbp0yIjFvd3BteqLHde%2BJkuNDJEafoRfy9wBLI9oa6jbT9qSNupJV1Tv57qXO1Q1OTbFFQk48hnGSYxd7QAnzUFUy3Js%2F1BGgGtpl1EqTYqZ70PZo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 769066413ad86933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rum Show response
www.netvisiteurs.com/cdn-cgi/ Frame 6BEE 0
144 B 45ms
44ms XHR
text/plain 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netvisiteurs.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.netvisiteurs.com/promotion-86991.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.netvisiteurs.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 769066413ae06933-FRA

GET
H/1.1 200
OK ra_logo.gif
regionads.ru/images/ Frame B7F8 695 B
979 B 75ms
75ms Image
image/gif 188.120.236.88
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/ra_logo.gif

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=840&f=728x90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

viktor13kuznetsov1.fvds.ru

Software

nginx/1.16.1 /

Resource Hash

df7be0d12117230256dd66d99ad9ca5febb7b3587e2ce5930a68de39399b2d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/js/banner.php?id=840&f=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:15 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Sun, 23 Jun 2019 06:11:49 GMT
Server: nginx/1.16.1
ETag: "5d0f1825-2b7"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 695

GET
H/1.1 200
OK 5_1639745768.jpg
regionads.ru/images/banners/ Frame B7F8 31 KB
32 KB 226ms
153ms Image
image/jpeg 188.120.236.88
RU-JSCIOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://regionads.ru/images/banners/5_1639745768.jpg

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=840&f=728x90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.120.236.88 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

viktor13kuznetsov1.fvds.ru

Software

nginx/1.16.1 /

Resource Hash

e8402e3d22b1f149ffa6d6a975688c7c90a105b6e94b2d0fd21f61388e48c047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/js/banner.php?id=840&f=728x90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sat, 12 Nov 2022 15:46:16 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Fri, 17 Dec 2021 12:56:08 GMT
Server: nginx/1.16.1
ETag: "61bc88e8-7d69"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32105

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame B7F8 209 KB
72 KB 279ms
183ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=840&f=728x90

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11ef4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73460
expires: Sat, 12 Nov 2022 16:46:16 GMT

GET
H3 200 pica.js
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8776 18 KB
8 KB 44ms
44ms Other
application/javascript 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47431e117b5c259ee743306a45022ab6a55700dd5d53387d88ebf8647c6dbc76

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHXWZbPLWbiSKpeCTIHaOuvtJCqnqMDCBDbyqqoD%2FKb4b%2FrMjEZeClRqezaRSES3BcThZD0XDTaX5lD9h430GWO4c2FXN2MzPBztWmUno8G7vsZKvDhWL63w2WKbF5fZNj59NEIJd9iJLp%2FkM4ZbCvgO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76906641dcb26933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8776 19 KB
8 KB 51ms
50ms Other
application/javascript 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: gugl.ga
URL: https://gugl.ga/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecabf96cee00f9551f40aaad2179b2b6e506c91403112ae776fadd19460fba43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkXp%2FWGISxlEzHh3%2BDwV%2FNpJRPeVbvxu5VRvDkCl6VowETq5P0Z9OFKHMiXNe%2BFVF57iXxaYG2MhvcgHDeWaIJuSJ3VTVdgBLNv4d85rrcRlfXfEXsiidj2DqaNJpkpYzg5bOYCaIjxAq5tyP8gRl%2Bf3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76906641ecd36933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame 3660 674 KB
676 KB 61ms
39ms Image
image/gif 148.251.233.147
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/2081947?size=Adaptive&background_color=f1f1f1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.233.147 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.147.233.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: FSV0FZHVCPHP4MBM
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: 7pLiMoSpAMWZBU4lRbQKZ3SOEPvEIzdn0JvppaXD17w9ekg6CmnpAFcDb+07usA1Tpnjh0ZchaE=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/70669177/ Frame A257
Redirect Chain

https://mc.yandex.ru/watch/70669177?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afu...
https://mc.yandex.ru/watch/70669177/1?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3A...

420 B
501 B

94ms
93ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/70669177/1?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A722615464841%3Ahid%3A973057815%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A707834462%3Arqn%3A1%3Au%3A16682679761004679598%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C211%2C1%2C0%2C0%2C%2C397%2C0%2C%2C%2C%2C611%3Acpf%3A1%3Ans%3A1668267975184%3Arqnl%3A1%3Ast%3A1668267976%3At%3AWEBTRAFIC.RU%20%7C%20%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d308dd215dfb4c08bf06a3ee8149cdc732e598d41b873bda21994e47440e39e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://webtrafic.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
location: /watch/70669177/1?wmode=7&page-url=https%3A%2F%2Fwebtrafic.ru%2F&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A15m5t3makqb6yg1f8bcanw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A722615464841%3Ahid%3A973057815%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A707834462%3Arqn%3A1%3Au%3A16682679761004679598%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C211%2C1%2C0%2C0%2C%2C397%2C0%2C%2C%2C%2C611%3Acpf%3A1%3Ans%3A1668267975184%3Arqnl%3A1%3Ast%3A1668267976%3At%3AWEBTRAFIC.RU%20%7C%20%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://webtrafic.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame A257 43 B
112 B 349ms
348ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 12 Nov 2022 16:46:16 GMT

GET
H/1.1

200
OK

/
payeer.com/en/ Frame C030
Redirect Chain

https://payeer.com/iproxy/j?TXMvj4j4wbLa1GWaS/iSoi8/c2Vzc2lvbj0yMTAzOTU0
https://payeer.com/?session=2103954
https://payeer.com/en/

0
0

89ms
89ms

Document
text/html

149.202.17.208
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payeer.com/en/

Requested by

Host: payeer.com
URL: https://payeer.com/?session=2103954

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

149.202.17.208 , France, ASN16276 (OVH, FR),

Reverse DNS

node-9.1-208.17.202.149.vistnet.net

Software

iCore Proxy Module /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payeer.com/?session=2103954
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 15:46:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: iCore Proxy Module
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 12 Nov 2022 15:46:16 GMT
Location: /en/
Server: iCore Proxy Module
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated Show response
/ Frame 2CA2 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ Frame A257 846 B
1 KB 120ms
38ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: webtrafic.ru
URL: https://webtrafic.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://webtrafic.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:22:11 GMT
x-content-type-options: nosniff
age: 1445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Nov 2023 15:22:11 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
905 B 116ms
39ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:22:11 GMT
x-content-type-options: nosniff
age: 1445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Nov 2023 15:22:11 GMT

GET
DATA 200
OK truncated Show response
/ Frame C350 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Referer: https://gugl.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1023 B 115ms
41ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 20:09:01 GMT
x-content-type-options: nosniff
age: 70635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Nov 2023 20:09:01 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 104ms
40ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:33:35 GMT
x-content-type-options: nosniff
age: 761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 12 Nov 2023 15:33:35 GMT

POST
H3 200 7690663d3dda6943 Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8776 2 B
659 B 78ms
78ms XHR
text/plain 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/cv/result/7690663d3dda6943
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7690663d3dda6943
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH%2B5amG9PINF4z%2BQUTfEnBTxwg0xUOy49aBfxV83cbRTHjiZxMaawWzgwL%2BOykgjqMyEeZhxjuoGEunphV91ZSfYjQrcdJpuRYs6Nu6UsHHxKvjRVDTDSuuS0IO947t3oHaZV58BakZQegc2BmqkvcZU"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 769066441b036933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7690663d3dda6943 Show response
www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8776 2 B
662 B 70ms
70ms XHR
text/plain 2606:4700:20::681a:a2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/cv/result/7690663d3dda6943
Requested by: Host: www.netvisiteurs.com
URL: https://www.netvisiteurs.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7690663d3dda6943
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:a2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1Ch9xfsqPKC%2FhehDOISqMf1m3zn5SAoCImZYrZpgzmWB5nndstwXPXYnC51bpEqBklPutHdMl68fZ86wg%2BC8ocRwTaAChJQKusp67IPu8opkj%2BR1an4MZjnZZPZcT5VETglmrvuKuMX%2BgK2iwIikV%2FS"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 76906644ccc16933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9820.wqmPjcI440ayydCP3WJzK3ZU8itZRH84Lm4AF3SHzsw7f9bvkipi-JzMpees-fVW.ZXjwjhR9EZe2MqIJUKnR5MubeE0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9820.k6ACWNMoJkrvRIGRQMocDW_WptflV0LtTTKilf5SjxJ032c9nuOSUcdJ0u0_0QGem6bWbKRfWd3njoRn8dmrhiXSX8Druiu-OUzVC_YZtB8%2C.Rsq-YQ1PYYUEf17mhF4He897eR4%2C

43 B
584 B

98ms
98ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9820.k6ACWNMoJkrvRIGRQMocDW_WptflV0LtTTKilf5SjxJ032c9nuOSUcdJ0u0_0QGem6bWbKRfWd3njoRn8dmrhiXSX8Druiu-OUzVC_YZtB8%2C.Rsq-YQ1PYYUEf17mhF4He897eR4%2C

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9820.k6ACWNMoJkrvRIGRQMocDW_WptflV0LtTTKilf5SjxJ032c9nuOSUcdJ0u0_0QGem6bWbKRfWd3njoRn8dmrhiXSX8Druiu-OUzVC_YZtB8%2C.Rsq-YQ1PYYUEf17mhF4He897eR4%2C
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
72 B 168ms
91ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 12 Nov 2022 16:46:16 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54518020/ Frame B7F8
Redirect Chain

https://mc.yandex.com/watch/54518020?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr...
https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agd...

439 B
487 B

98ms
98ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1333921749911%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A436531466%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: gugl.ga
URL: https://gugl.ga/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a17af1d4adc32fb872ce773beb3915899b5f0851513250fe5396fe4555b5ed3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
location: /watch/54518020/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A1333921749911%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A436531466%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/54517903/ Frame B7F8
Redirect Chain

https://mc.yandex.com/watch/54517903?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr...
https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agd...

439 B
530 B

94ms
93ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1128563284859%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A95566174%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: regionads.ru
URL: https://regionads.ru/js/banner.php?id=840&f=728x90

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

84417a63d58d94d3d677e951305e5361a3cf1a6c332861c5fb1a2052883762fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
location: /watch/54517903/1?wmode=7&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&page-ref=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A208%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A0%3Als%3A1128563284859%3Ahid%3A836288115%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A95566174%3Arqn%3A1%3Au%3A166826797646863856%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C117%2C1%2C1%2C0%2C%2C12%2C0%2C%2C%2C%2C132%3Acpf%3A1%3Ans%3A1668267975793%3Arqnl%3A1%3Ast%3A1668267976%3At%3ARegionAds.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame B7F8 43 B
161 B 144ms
90ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://regionads.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 12 Nov 2022 16:46:16 GMT

GET
H2 200 87213356 Show response
mc.yandex.com/watch/ 462 B
725 B 99ms
98ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87213356?wmode=7&page-url=https%3A%2F%2Fgugl.ga%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A720%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A953425592162%3Ahid%3A211644022%3Az%3A0%3Ai%3A20221112154616%3Aet%3A1668267976%3Ac%3A1%3Arn%3A600522519%3Arqn%3A1%3Au%3A1668267976272013055%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A71%2C162%2C157%2C1%2C%2C0%2C%2C1227%2C10%2C%2C%2C%2C1619%3Acpf%3A1%3Ans%3A1668267974189%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668267977%3At%3AGugl.Ga%20-%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%26%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

afca94f16485395ca4cc1031ae64618fd9599e031ede27fd74f26817f4c21dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gugl.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 12-Nov-2022 15:46:16 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gugl.ga
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 462
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:16 GMT

POST
H2 200 87213356 Show response
mc.yandex.com/webvisor/ 43 B
73 B 1173ms
99ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87213356?wmode=0&wv-part=1&wv-hit=211644022&page-url=https%3A%2F%2Fgugl.ga%2F&rn=274756179&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668267978%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221112154617%3Au%3A1668267976272013055%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267978&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:18 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:18 GMT
content-type: image/gif
access-control-allow-origin: https://gugl.ga
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:18 GMT

POST
H2 200 87213356 Show response
mc.yandex.com/webvisor/ 43 B
145 B 1163ms
92ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87213356?wmode=0&wv-part=2&wv-hit=211644022&page-url=https%3A%2F%2Fgugl.ga%2F&rn=785865379&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668267978%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221112154617%3Au%3A1668267976272013055%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267978&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:18 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:18 GMT
content-type: image/gif
access-control-allow-origin: https://gugl.ga
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/ Frame F5B7 355 KB
117 KB 161ms
83ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31070852

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc04fd4465fb5c457213d1d159c8066ed348485dd2f8e1682e5cad5db7bdc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119544
x-xss-protection: 0
server: cafe
etag: 13604051164214263320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 12 Nov 2022 15:46:18 GMT

GET
H3 200 fon.png
crypto-fire.website/img/ Frame F5B7 719 KB
720 KB 47ms
47ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/img/fon.png
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc529fcb19b19a70d19cb4f3180ca15f96c05c099fee22ea4ce15b886c8078a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77320
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 736337
last-modified: Fri, 22 Oct 2021 11:25:12 GMT
server: cloudflare
etag: "61729f98-b3c51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze7bXTLzb2Uawi%2F6CMcKCkGkc5Mkt%2BNSxCsnSSuQ8cFgTMWqiEmh%2BRLSOYDyni1RqJX%2B56uF2vflXdTArqNro63U2JP29akjtdaZQT7pZYYh1EGMzQXWnQggOcF%2B25kJNFshNI6ZjwmadRC6Q49vuuON"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 769066519f8a90af-FRA
expires: Fri, 18 Nov 2022 18:17:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/ Frame 7EA2 10 KB
5 KB 119ms
36ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto-fire.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 11:06:58 GMT
etag: 10353107486223812946
expires: Sat, 26 Nov 2022 11:06:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 177695486dadef214c87b333f6b66049.jpeg
linkslot.ru/uploads/ Frame F5B7 40 KB
40 KB 106ms
65ms Image
image/jpeg 2606:4700:3034::6815:4e27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkslot.ru/uploads/177695486dadef214c87b333f6b66049.jpeg
Requested by: Host: crypto-fire.website
URL: https://crypto-fire.website/mine/partner/dexeeck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4e27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8266979dd013e8719481737abe5d5eccb5b9cb507f9406f866012de27e35141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 12:35:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4249
etag: "636f92fd-9fb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2Blenxl2Hib6FAopY87E0ABDd1MUWa%2FbkWKZxW3Sx1V8b1C130jplh%2FhiPB9zCOtCewEA1sKgHBUSGnMrVHk9WdNECtNEZDDkGhSN4gkRYEQNL6VesobCdSuglm0k42bn13gOXA%2F%2FM2A6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 769066522d34bb9d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40889

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F5B7 107 B
792 B 140ms
48ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=crypto-fire.website

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&bust=31070852

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5B7 107 B
549 B 140ms
52ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=crypto-fire.website

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4782 603 B
68 B 139ms
62ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2242642741687493&output=html&adk=1812271804&adf=3279755396&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fgugl.ga%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668267978478&bpp=2&bdt=2933&idt=265&shv=r20221109&mjsv=m202211090101&ptt=9&saldr=aa&nras=1&correlator=4562689546154&frm=24&ife=1&pv=2&ga_vid=93552599.1668267979&ga_sid=1668267979&ga_hid=988924646&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2233692847&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070852%2C44770881%2C44774292%2C44773747&oid=2&pvsid=3041029479357777&tmod=770958068&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ro8wk4wh6zih&fsb=1&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto-fire.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 15:46:18 GMT
expires: Sat, 12 Nov 2022 15:46:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5B7 14 KB
11 KB 85ms
85ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66cbd092730b5c189873f4f62af162587a69fb7fcfe14d01f75d08a96a985f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11029
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5B7 17 KB
7 KB 144ms
60ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 15:46:19 GMT

POST
H2 200 54518020 Show response
mc.yandex.com/webvisor/ Frame B7F8 43 B
145 B 98ms
98ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/54518020?wmode=0&wv-part=1&wv-hit=836288115&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&rn=233305679&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668267979%3Aw%3A728x90%3Av%3A921%3Az%3A0%3Ai%3A20221112154619%3Au%3A166826797646863856%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267979&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://regionads.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:19 GMT
content-type: image/gif
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55AC 13 KB
5 KB 114ms
37ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto-fire.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 15:10:18 GMT
expires: Sun, 12 Nov 2023 15:10:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CEB5 783 B
1 KB 128ms
46ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

788aebd0334838df69a8599416667dee7e4fbd00cb2b8d14974d19e68a0d93ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IQaznNHowE3Kk1o4Ft4eTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crypto-fire.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-IQaznNHowE3Kk1o4Ft4eTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 12 Nov 2022 15:46:19 GMT
expires: Sat, 12 Nov 2022 15:46:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 87213356 Show response
mc.yandex.com/webvisor/ 43 B
73 B 91ms
91ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87213356?wmode=0&wv-part=1&wv-hit=211644022&page-url=https%3A%2F%2Fgugl.ga%2F&rn=381338185&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668267979%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221112154619%3Au%3A1668267976272013055%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267979&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:19 GMT
content-type: image/gif
access-control-allow-origin: https://gugl.ga
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:19 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 55AC 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 17:49:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CEB5 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221109&jk=3041029479357777&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H2 200 87213356 Show response
mc.yandex.com/webvisor/ 43 B
73 B 97ms
97ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87213356?wmode=0&wv-part=3&wv-hit=211644022&page-url=https%3A%2F%2Fgugl.ga%2F&rn=254100347&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1668267979%3Aw%3A1600x1200%3Av%3A921%3Az%3A0%3Ai%3A20221112154619%3Au%3A1668267976272013055%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267979&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gugl.ga/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:19 GMT
content-type: image/gif
access-control-allow-origin: https://gugl.ga
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 55AC 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?i9hYiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 15:46:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 54518020 Show response
mc.yandex.com/webvisor/ Frame B7F8 43 B
73 B 92ms
92ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/54518020?wmode=0&wv-part=1&wv-hit=836288115&page-url=https%3A%2F%2Fregionads.ru%2Fjs%2Fbanner.php%3Fid%3D840%26f%3D728x90&rn=21887189&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1668267979%3Aw%3A728x90%3Av%3A921%3Az%3A0%3Ai%3A20221112154619%3Au%3A166826797646863856%3Avf%3Ahfm45xylrqz94o3kspt6k%3Awe%3A1%3Ast%3A1668267979&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://regionads.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 12 Nov 2022 15:46:19 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 12-Nov-2022 15:46:19 GMT
content-type: image/gif
access-control-allow-origin: https://regionads.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 12-Nov-2022 15:46:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F5B7 0
0 75ms
74ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221109&jk=3041029479357777&bg=!mZqlmt7NAAbvMpMzzzI7ACkAdvg8Wli5uYbKYcXmBIHA3ShoHpaCigP_YMHvDulzJ4rF3nwhqqKrigIAAABUUgAAAARoAQcKADnTDJ_GnwVqROij8KjZ4wSlR6NHm6a1Sb3-cWjfxfTJZb7kkLrchVTgkCPZk-8CRVtWWi_iY17Uj-OZAsAU7aNOI3o2q6XCQbB0fC3yTbvnfF6yZgXE36MLAnHOT0Xi2NLldSKltuoSDQNO4nn2pAPAMBTywKS5DMG60fOJVi3gwXEIXur-_XQe_ALL55NN5WhwMIhUsplwcG5HY-713hLYGV2JJCOcKc_V6wMdyVG9HL04FnUuq7EDbPUIBUrbbm_r4boIRLH8UhD3c3V0EJ3I2UgHA2Mp1OadRSMMWMQbnO2_FchrCxePHDrpt6R76Rw9HjzHu2tIhqVqze-vOD8qW4QjdP0owhDPOMD8B6v2geoHZlwnyypGNt-XKrLtxFKe97ANyRyywqHxIipEVEFJmbpzIVmvJakdVGjcYS1LFLQWvtWHXczOju_G8tRTvIoVEGRfj5n_t2eo5GuoBI4hceJnYeKZrSOpWECB4fujZn7d-bwT-KjcN67bkrZICqUqjgTtk8KiLS4ggBx_JHGndb5G8QxjYZhSPqgi-ji4INLUTzjIzwdU8dDQ10z97TT4WoTw8Ug8HiRPBQo7yW8tXRGkXgH6RlSPhNdOCUw408-DuPctjndIfoU0BrAUFlUGsr9TqIffQXUWRrGxu_UEVctg_9hFYRxIpC33izlEgjMuK4M0Q0THNIMlbjFgZdx3pQecu8b27Rj6_UxDy9Tn6sg4VZHwRrFq6NA-0gJIPsd1NfGR_43jXTGH-x2hVQCNUFZhbhaPTkq178AZAfc0oXGVnBu2onNiPs7S-5hQzO4X40W82_T3NPUfvKb28pzPkaTdfWQhkT_5ntS1UOZnWBLkxT5ftd38mjLLKpnqmErQdf8gh71IFNw-Rha7mymxYXULmrylMYmoOR-4KR4MFmA0OqvGaLWjrUQ_iXxO_ADDENc9kNdsbL9vIe8b9Wh1pmTpmQ_sgKIa8_SfWGS_Yp2shLic8o8S0WaoIirfu_YnOLJL1h_3PJhE5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://crypto-fire.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: in-surf.ru
URL: https://in-surf.ru/adv/css.css

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gugl.ga/	1969-12-31 23:59:59	Name: PHPSESSID Value: 53a1dd875bbe59d1d0394a87b9d1bb12
.webtrafic.ru/	1970-01-20 16:10:03	Name: _ym_uid Value: 16682679761004679598
.webtrafic.ru/	1970-01-20 16:10:03	Name: _ym_d Value: 1668267976
.yandex.ru/	1970-01-20 16:10:03	Name: yandexuid Value: 1169660391668267976
.yandex.ru/	1970-01-20 16:10:03	Name: yuidss Value: 1169660391668267976
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1885058251668267976
.yandex.ru/	1970-01-20 17:00:27	Name: i Value: QJgImEXKGp1xygH0sQm1la7qaP51ijSStmF5s0hjzVfRDuvX1kmfUqiehu2ydnfRuUpLrRxBveyo8Birm1mOlOHcXog=
.yandex.ru/	1970-01-20 16:10:03	Name: ymex Value: 1699803976.yrts.1668267976#1699803976.yrtsi.1668267976
.webtrafic.ru/	1970-01-20 07:25:39	Name: _ym_isad Value: 2
.gugl.ga/	1970-01-20 16:10:03	Name: _ym_uid Value: 1668267976272013055
.gugl.ga/	1970-01-20 16:10:03	Name: _ym_d Value: 1668267976
.regionads.ru/	1970-01-20 16:10:03	Name: _ym_uid Value: 166826797646863856
.regionads.ru/	1970-01-20 16:10:03	Name: _ym_d Value: 1668267976
.netvisiteurs.com/	1970-01-20 07:24:29	Name: __cf_bm Value: tWg95grtsGANLe9dzJ21fblSuaDbRCdAhMxNU6REcoo-1668267976-0-ATngy0bPJ6FtHBPRJQAzF3eZmLX2hSZzvT2PM1L7TNCfHmfbVSTcwlSYAV1qaZcu9WoEGsKiXCRzuyxCl+ozf9+EFlIr71yUR7yvDtcg7mPtQqYxwNmDeZ/wIRdwU/uIOw==
payeer.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ljuqo5m2l7ofgdi4g56qe9colkbusbbj5riqffq5r0d6laroon4dlqqjlfuate2jsdl58k9b6dbghfbbu9a6lu3acrqid0n0e9p50d2
.regionads.ru/	1970-01-20 07:25:39	Name: _ym_isad Value: 2
.gugl.ga/	1970-01-20 07:25:39	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 07:24:28	Name: sync_cookie_csrf Value: 2359483461fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2292018671668267976
.mc.yandex.ru/	1970-01-20 07:24:28	Name: sync_cookie_csrf Value: 4029241377fake
.regionads.ru/	1970-01-20 07:24:29	Name: _ym_visorc Value: w
.yandex.com/	1970-01-20 17:00:27	Name: yandexuid Value: 1169660391668267976
.yandex.com/	1970-01-20 17:00:27	Name: yuidss Value: 1169660391668267976
.yandex.com/	1970-01-20 17:00:27	Name: yp Value: 1668354376.yu.3133029551668267976
.yandex.com/	1970-01-20 16:10:03	Name: ymex Value: 1670859976.oyu.3133029551668267976#1699803976.yrts.1668267976#1699803976.yrtsi.1668267976
.mc.yandex.com/	1970-01-20 07:25:54	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-20 17:00:27	Name: i Value: J1GmHUeznWIb7ypjwsJpwhJl1DLdmRgH5SBxVwrMOV/tjVjh8MvP9Xd2X4USPU5UkN+LwNZzG2zygb4Aghv1OY4D1n0=
.gugl.ga/	1970-01-20 07:24:29	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 07:24:28	Name: test_cookie Value: CheckForPermission

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gugl.ga/css/icons/js/all.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://gugl.ga/(Line 214) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gugl.ga/(Line 214) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://in-surf.ru/iframe/iframe.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://in-surf.ru/adv/js.php?i=535&b=3&w=728px&u=https%3A%2F%2Fgugl.ga%2F&r=484383 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://in-surf.ru/iframe/iframe.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	error	URL: https://gugl.ga/ Message: Access to XMLHttpRequest at 'https://in-surf.ru/adv/css.css' from origin 'https://gugl.ga' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://in-surf.ru/adv/css.css Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://payeer.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

468.surf
acceptable.a-ads.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
code.jquery.com
crypto-fire.website
googleads.g.doubleclick.net
gugl.ga
images.weserv.nl
imdbux.com
in-surf.ru
linkslot.ru
mc.yandex.com
mc.yandex.ru
metrika-informer.com
pagead2.googlesyndication.com
payeer.com
redsurf.ru
regionads.ru
static.a-ads.com
static.cloudflareinsights.com
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
unitraffic.net
webtrafic.ru
www.google.com
www.googletagmanager.com
www.gstatic.com
www.netvisiteurs.com
in-surf.ru
148.251.233.147
149.202.17.208
188.120.236.88
2001:4de0:ac18::1:a:1b
2606:4700:20::681a:a2f
2606:4700:20::ac43:4453
2606:4700:3031::6815:17b9
2606:4700:3034::6815:4e27
2606:4700:3034::6815:5922
2606:4700::6810:3965
2606:4700::6810:5614
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a02:6b8::1:119
2a06:98c1:3120::3
31.31.198.105
37.1.216.156
5.187.6.123
78.110.50.124
80.239.201.105
85.208.187.144
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01892468d17dd0e7d8e1f4725608488b8f11b25ae4c63640c3efc74dea845e29
06323e048f41aef56c7753ecbb5a7a3c91113ea1a2514905c30e049cfcf06be3
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0add16f90f3cbadc33a8374badbe5a35ef574e86404c6e177f6f179a5fe7b8
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
0e84faefaf7324312620feaecb1cc52fdad0b870ed79e0e1fca8179c18555330
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
128e3065a4f39914c4110615426f8783b0f76f06514f9d5d9869e137dab06dad
13d0a1834bdfe11c9b86dfdd65c16d8134ae8b3bdb0cedc2ae4207b521f03fd6
154fda8f4a115fbd1d424d1e777d6866504f59d24212573742ab647f671f9627
1566247e66b46645c1bf31aa31efb5d2d5c12395a9ac5d48466bb66db8ebf67e
188eb686cb3f43df6923ef93027c80f42d03026af33dfe9512461b2997f7876d
195f1be8beee0dd767c26cd69f138e294b163b7c1f7dc3127f7c3a9c590618b4
1a02638af64044a18e7e8489e13fd4ce0cc537e09a97ea71c416b6cd4a0f458b
1a634416a45d5b46ca42d0f727f9f488aac58ac040ce1d800748f7c9a06ab141
1d4d9d85b55d8468bf31debe61aad6da808ef389ec72b1e677bf68c46c867b8f
1f2ad3667151fc31d5de0670357709153ec32b29eb9fa3be061a398dd2cf01ba
222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7
22afd4aaee14dea5dd0e34ac845e57585b18db3ef1d3390170ec8b7428ab99cc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270665a3d97e7d35e67813df4aef7c8dd7a31ba1795c72568a74e796337aa193
2a486c18a0db283dcc983c3c02abda0d240dba879879968ecb50dc8e46d4a15b
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
301646e034a84ff26a060ec867ebbf7c6eb8e799598804d7a6cb47869307176a
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
40ab0146feecfcf7cebdc86be12afdc113910bf15977d232916dd9fccc85b517
4631f730fd5e1de10c2c0d9ca47a904bba3ea49992a1660c5de8227a3d7e12e6
47431e117b5c259ee743306a45022ab6a55700dd5d53387d88ebf8647c6dbc76
47d93873a4cc0d80509412a8b875f3c5249c8c5ed84105e0f8275fe7a7dfca0a
4c84f17307acf7437f33cae9bea29c631186f4506513d7a916462c093e8b9b8e
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4fdf6d2b825d6869430ec46c51bad520f1770f6e57fa1e39a69356bbfeaa4ad4
51c13c97400af32f974e0b5c938ccb7e2af6a7a59205c61b3ac34baa66f20258
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576da03605f43ae5ba24bee120e6be0cefc33a807fff45b1c94664ab5d0688d3
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5b585ea7c894c20dfe06b0482d86ead523f772a38318c1607886b21e972d5a61
5bc529fcb19b19a70d19cb4f3180ca15f96c05c099fee22ea4ce15b886c8078a
5c0ec901a63dcdf295fe43a8d2cfb39a52694971e94a76a1a230e9125ab0cef2
5ec986873120c2a9b681c1c8d94d0ec03cbb49f11a70e6e1835572ed8959392f
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
64031c1784f63faf317e1557524eee06cb4f7e31edb284164f02a73242c90df6
66cbd092730b5c189873f4f62af162587a69fb7fcfe14d01f75d08a96a985f2b
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
73ba093d2e134bee9f470147aad2521ef9ee5d6a48e32dc6377553546a7ce628
7546f4a0d26eb4f5b653ce957356380849d80382a4cdb7521cd9923f05b87286
7595a51e52566e3ce271a09f54e96a0ef70601ce49f01c6a039000d235f4ec7a
788aebd0334838df69a8599416667dee7e4fbd00cb2b8d14974d19e68a0d93ee
79814e54c41a07e536c4b65ec983e50f3cf98d93a5ecc8255b9cb5437d19fe5b
7a475470de2974eac0e88b4374a94de32952dae8eeb1553b14091a045667a3de
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7af9c4bd00f0301fea6c5f55e330d8c01fe2e65bbf30e9c27c2c8f6872730c48
7e77deba5346846ca4752d17d4e4a8da3406562af2b78602ab77e453435b21fb
7f9aecc97ef6427f89867b031e002c608781afb858bc9507f559e1a8b53e0b80
812d0f07f26b14bc12ebf74d699099e3fa049ec09c2aaaacec25cf5ce8547f2d
81323484fb01528c9ac56bc226165b30a712823a85d9a7b7ac59e77ce1b6810f
83fabdd1f5a6314701f3d045b425a8375408896a1c32cf09c3624e511604d496
84417a63d58d94d3d677e951305e5361a3cf1a6c332861c5fb1a2052883762fb
8559c828ef9ff57ce9858747f4cee96bbef1b556d1bed76663f91211d69be09c
856d85d82118cc840d764cb322eac34e6d577d72bbdfb3348ad11cd7dfebbb28
860af4136ed57882e2e9b37091969ae268046ba040d7054fe105571cea99ce3d
87d1b840ecfcb4410e64b8b12fc64ad943b7ce0ffb8e651764c91e1844b6bab6
89fc57e04ea47a3bb39c66fd38da7d5da9c5953e711d7ba301de06cdc08c1b82
8c9960fa2ab2600dad21e8bc1ad0062120067252c7920e8492df81808c2b0af4
8e07c6c1175efe1e4930d6004b3cc18cd75abbcd055e6c74dbf21d473647f7c1
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
90f2a454e9086b194f8303e82031e0aea6a221626384e18177af2000ca461ea8
9131aa7163d473e8bb424b2ede1e75f6d6d7d8b863dbdd4381d599782a649a6c
924845387eba579eca9654fc44463904ae1b1d8e41b26586734f2b87a8ae664d
92f29f19d64f54be88a80791fb7ae162f2d68505435632606a806c22a3874ebd
94bf0ccb8d73cf9803956c9e069a89e8b470b3671e903591f4259008afec7ed6
9a21a45666b6f49e755d4531a26979916ae3860583b42a56c97b4ccd85fc0419
9b207b0bbcb38b750fcc55ddfa727b2b8fa6a2265aa7e9195392505ee4e72122
9bcb18dc726fae16367b930f8754fce02b2545e68fb8f956bedff90acc23cc69
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9dd3a3ef12f78cc39d68e37dd141135f1499dd167078cd81ce6cc85cbc7d2896
9f2aa593046e7ccafdb3f6b20df74c3aec1db190ac849308ddd738b3bb7d8ddc
a0e08e64ac34d8a6b70a3947a0c231dbc7e6413ab4ef8e62903be8c399ce00de
a17af1d4adc32fb872ce773beb3915899b5f0851513250fe5396fe4555b5ed3e
a1dd2ba9bd158eea8052adb66f89d9ca4fc251c16ae615c4a35db82bd5dbdd2c
a3836dbed7ddf5209c3d461ac9247a80ebc5a5a38e9d1b2a8987943475471ed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e3e1289103a8df5fe67d381fec0db46a27576a535c6981e19afb3d9de527fc
a7fa9350e6f29f203ebe4e13a85388fb725dbdcad59c37331a0376512d9fa320
ab3c4246aa42f5d76d523162099fd39b28a648c50a865c3d71a68ea315df3616
add2b51573f21ced2f52bc8c0fdcfabc12b1dc44dfe3af0337d6f21b6ef90b45
afca94f16485395ca4cc1031ae64618fd9599e031ede27fd74f26817f4c21dbb
b2b75bf36dbe5c5831874eefc44dfd61f204b664e9146e43e13bda7997fe8fa0
b636caa73945fb1e0091ac1d7358b6bc1c437f10727ae2a32b00c599dd9c82e8
bef36d1149db269dcae3850c398c7c21e801d1e68b6c7af5fde2170354163b4d
c2e4ec5af902fd16d7f68ce095f53bcf489ee83ea9569f9fb3ab905afdb500f7
c5d9c49183cdd250b5282ddf8e8e9272b26fb15348ac8aea037ec45dfbdc53aa
c8266979dd013e8719481737abe5d5eccb5b9cb507f9406f866012de27e35141
ca38ee51f6c49c0f0e89e6969aacfd7da147d9e26046e1405edb13cf39383a25
cc04fd4465fb5c457213d1d159c8066ed348485dd2f8e1682e5cad5db7bdc91e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd69ff752df3dd6dd75cb0f3a297aaa20a1bc062fd04b02824783310b3697b13
cef9ae613e310483b7a82169bdabb06d68af52447bdf6b586b234cf97f7bfcb7
d308dd215dfb4c08bf06a3ee8149cdc732e598d41b873bda21994e47440e39e2
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
daaede23b88adfdab069eb1633cda9abb7326ecaff2207a8b5649f046fe86a76
df7be0d12117230256dd66d99ad9ca5febb7b3587e2ce5930a68de39399b2d47
e22581bb16889cbe9784dab793764875d07145e5aa53c8bc9466e646427354ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4352a0d79f1614b5b6cd1ecf8a90b0e1463fab675f19877bd79f934144df9ab
e74d72b279797f0486c4659a646354c787a55f7c3f062f7ca91d6fc35e097f95
e7e7035d933d7c570cf42224487bae8688355c6ece628239bf5743b388f5a31c
e8402e3d22b1f149ffa6d6a975688c7c90a105b6e94b2d0fd21f61388e48c047
e877f06bde4d9291b2b4d57898866401f82bb096f3c4eca6dc6a21783be9f73f
ea51d9d940a35bff2403d155b95cdbc3bfd3672885d49bedf7b3333f09876d92
ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83
ecabf96cee00f9551f40aaad2179b2b6e506c91403112ae776fadd19460fba43
efa9831bf50f3196bb99e0b2bd832e7f9cd770683e149c02d07543d167b48552
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f4cb710135307100f2c6fb1314fbf33d24ed6076fc39c8009ed70b3e561bab38
f5e95e60f535db661aca0ed20f92e13caa9212e2909d39cd9724aa749352d218
f8d59b5e5b5a65e098c00a1c63d72ff470567e784fd2303a4eb73daff749dbe6
fb027c263fc656814dc3b559851da7e9ef7efd90b5266a893a2ea7025941fb29
fda2cb647bc3d027876f95095e33dfb8a53ce9065774e27dd7a8e9c33088979b
ff340ae0c91f3035c09234cccbe13f68abe1fd755ceee4ffda70f0ff5999ad3c

gugl.ga Open in urlscan Pro 31.31.198.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

95 %HTTPS

69 %IPv6

27 Domains

31 Subdomains

31 IPs

6 Countries

7162 kBTransfer

10181 kBSize

29 Cookies

14 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gugl.ga Open in urlscan Pro
31.31.198.105 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

95 %
HTTPS

69 %
IPv6

27
Domains

31
Subdomains

31
IPs

6
Countries

7162 kB
Transfer

10181 kB
Size

29
Cookies

152 HTTP transactions
1 data transactions