refpa31055.top Open in urlscan Pro
178.253.37.78  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MB_Event_468x60_WhoWin.html Show response refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/	2 KB 1 KB	136ms 32ms	Document text/html	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash 0016a42c41ba0ff62c322a47bc8b5026e949d341f1475b29eb72ab23a8eed665 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=86400 content-encoding gzip content-length 942 content-type text/html; charset=utf-8 date Sun, 11 Sep 2022 08:50:21 GMT etag "191326853ba0d81:0" last-modified Mon, 25 Jul 2022 15:30:50 GMT server nginx strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding
GET H2	200	edge.6.0.0.min.js Show response refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/edge_includes/	102 KB 33 KB	73ms 73ms	Script application/javascript	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/edge_includes/edge.6.0.0.min.js Requested by Host: refpa31055.top URL: https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding gzip last-modified Mon, 25 Jul 2022 15:30:27 GMT server nginx etag "a62558773ba0d81:0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes content-length 33845
GET H2	200	MB_Event_468x60_WhoWin_edge.js refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/	17 KB 17 KB	34ms 34ms	Image application/javascript	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin_edge.js Requested by Host: refpa31055.top URL: https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding gzip last-modified Thu, 17 Jan 2019 13:28:13 GMT server nginx etag "80d4ee7e68aed41:0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes content-length 4169
GET H2	200	MB_Event_468x60_WhoWin_edge.js Show response refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/	17 KB 4 KB	31ms 30ms	Script application/javascript	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin_edge.js Requested by Host: refpa31055.top URL: https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/edge_includes/edge.6.0.0.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash ff3031dc4fb15d9da6bdfa5be86d2e74f9946acd346ce4147c73d0b898810124 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding gzip last-modified Thu, 17 Jan 2019 13:28:13 GMT server nginx etag "80d4ee7e68aed41:0" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=86400 strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes content-length 4169
GET H2	200	jquery.min.js cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/	82 KB 82 KB	33ms 15ms	Image application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 8774956 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26646 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1499c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FpItOLtfaX%2Bk0eMNfrnAE8cN9k5G3ixlhyE1SDAbXYbxst62dUmuMwsWI5jD1Km14%2BnwMlofi4hqxrAMDoGzRDSCQWB8Y32%2Fxyf4omqPaGQJCF4HlVvyeG6UvP0ze7mNeFX4ATnS79wE%2BxqMcN46%2B5E"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 748f27c88a72903a-FRA expires Fri, 01 Sep 2023 08:50:22 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/	82 KB 27 KB	31ms 14ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js Requested by Host: refpa31055.top URL: https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/edge_includes/edge.6.0.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 8774956 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 26646 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1499c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ei8uhPdBSokpOHilnVBg2RxPfIGgJ2QZCvRT142Xb7KtmJwIXLKVl4Dqi1Pb1cQKwphWao3NGW1jUWFIaf0PTT%2BWYzP3iOIRT7xLBE3GKBscW%2BR1WqKfo3B8TCCiTqnm5nQkTtXFuvoyuylShToof04"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 748f27c88a74903a-FRA expires Fri, 01 Sep 2023 08:50:22 GMT
GET H2	200	ru_new.json Show response autofeed.bannersvideo.com/json/	4 KB 2 KB	50ms 23ms	XHR application/json	2606:4700:3031::ac43:d78c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autofeed.bannersvideo.com/json/ru_new.json?mode=1 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d78c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94d5b4870874ccb42f8a691d1d3b762e8a244b88b9f6127f71ef829724aa55d6 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://refpa31055.top/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding br cf-cache-status DYNAMIC last-modified Sun, 11 Sep 2022 08:50:00 GMT server cloudflare etag W/"631da138-11c0" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDAiau3wrL5M2PfkXUPuaCHzGgQk4Oo1r3p2EsErDpXPwhoppSKOOEFMc3K5d0r31cpqBNI6WJ%2FX5tgU0aB%2F%2BH2xLMxhAV3Jbg2WMFu0h4qQVbjOplGTJH6KtDWkwydIK1hvRKoAMLrvUUZ60ziOqqvVJP331GCR"}],"group":"cf-nel","max_age":604800} access-control-expose-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range cf-ray 748f27c90eb79054-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	f.png refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	36 KB 36 KB	37ms 35ms	Image image/png	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/f.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash e7032eff77b39d5f025824e4cf49d0518cfd11dba31d33ff244649d7dde3457e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Mon, 25 Jul 2022 15:30:09 GMT server nginx etag "7b2c26d3ba0d81:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 36643
GET H2	200	gr.png refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	5 KB 5 KB	34ms 33ms	Image image/png	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/gr.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash 3c5db8cc666d29b8d06c83268da9ea2fc26bd22bd92c0a4db67b51a82affe7ed Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Mon, 25 Jul 2022 15:30:49 GMT server nginx etag "a96159843ba0d81:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 4759
GET H2	200	Venezuela2.png refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	6 KB 6 KB	66ms 64ms	Image image/png	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/Venezuela2.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash a566417a6c0f62ffe255500118be34216be8160e46603513490e4bbf4fe6fb67 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Mon, 25 Jul 2022 15:30:27 GMT server nginx etag "36ed56773ba0d81:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 6211
GET H2	200	b1.png refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	26 KB 26 KB	68ms 66ms	Image image/png	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/b1.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash 2f1e483a6e1afedaffba9ea0fdacbfe71774638bdc096e44c7f042a4386cc5b3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Mon, 25 Jul 2022 15:30:27 GMT server nginx etag "2f6b53773ba0d81:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 26380
GET H2	200	b2.png refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	18 KB 18 KB	68ms 67ms	Image image/png	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/b2.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash a6ce8ffe76f8d741f0e76235c3a05ade6c14765b126d5f2af510120f778a5269 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Fri, 12 Oct 2018 09:17:36 GMT server nginx etag "0f81c6ac62d41:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 18588
GET H2	200	WIN.svg refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	2 KB 1 KB	67ms 65ms	Image image/svg+xml	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/WIN.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash dccccfca7e1583884bd49201b82e1af5d40c33d50abdfef0682117094e528d01 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding br last-modified Fri, 12 Oct 2018 09:17:36 GMT server nginx etag W/"0f81c6ac62d41:0" vary Accept-Encoding content-type image/svg+xml cache-control max-age=86400 strict-transport-security max-age=63072000; includeSubDomains; preload
GET H2	200	Asset%201.svg refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	581 B 800 B	35ms 34ms	Image image/svg+xml	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/Asset%201.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash a803ac71d84c14a910b89ed4673dd8f2b245a1fc2905721406d40ea0a9eff080 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT last-modified Fri, 12 Oct 2018 09:17:36 GMT server nginx etag "0f81c6ac62d41:0" strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 581
GET H2	200	NewWhite.svg refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/	2 KB 1 KB	66ms 65ms	Image image/svg+xml	178.253.37.78 SGHL1-AS
General Check archive.org Show headers Download Go to Show image Full URL https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/images/NewWhite.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.253.37.78 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL), Reverse DNS Software nginx / Resource Hash 3281b8b9e5300ba427340635ad56db0abc3c3d2f7ea18b4b13d2dade5165c6b6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/img/AdAgent_4/9538a488-8b7e-4dec-9f6a-6714b3314523/MB_Event_468x60_WhoWin.html? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:22 GMT content-encoding br last-modified Mon, 25 Jul 2022 15:30:27 GMT server nginx etag W/"e88052773ba0d81:0" vary Accept-Encoding content-type image/svg+xml cache-control max-age=86400 strict-transport-security max-age=63072000; includeSubDomains; preload
GET H2	200	image_58.png bannersvideo.com/upload/avatar/	17 KB 18 KB	44ms 15ms	Image image/png	2606:4700:3036::6815:10bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bannersvideo.com/upload/avatar/image_58.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:10bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0a3734af68a87b95e348fc5f2f670440b5d298991d03b097bef81a142d8c8dd Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 221749 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17571 last-modified Thu, 11 Dec 2014 11:11:47 GMT server cloudflare etag "54897bf3-44a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FLbYHLVvIq6oa2Q5vCJzkQCaRcDVFElHqsmXZBdCdDn5hCjfH%2Fvlc2mn9CnIb%2BCfeqVmp0DiAv8SJky50%2FKBSjlp9fCaaQeKioULGcQ2RCUZ7gpa2gqfKUaaFG11SOn1b7VmlfUfw%2Bp%2FspCUXGX"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 748f27d619ed92ba-FRA expires Thu, 15 Sep 2022 19:14:35 GMT
GET H2	200	image_32.png bannersvideo.com/upload/avatar/	17 KB 17 KB	44ms 16ms	Image image/png	2606:4700:3036::6815:10bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bannersvideo.com/upload/avatar/image_32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:10bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd9444e6ad31085e91a619035fdf948cfda1147cb05cba624fb8f26f85792e85 Request headers accept-language de-DE,de;q=0.9 Referer https://refpa31055.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Sun, 11 Sep 2022 08:50:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 221749 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17540 last-modified Thu, 11 Dec 2014 10:28:56 GMT server cloudflare etag "548971e8-4484" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jI7S%2BIZq7dmnPh9AW%2FRpeumyLpNyJAqNcaB2rviBXYVG3Its3kB3iqU8%2Bp0PYJjeMAR8k8B1jAj5D579R10sO7TksMjN3Fi3OKdyA0pN6hX7GvFgG1fKe6FTUm1f7oLlkN%2BmR2IWwqY3G7BzStNS"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2678400 accept-ranges bytes cf-ray 748f27d619ef92ba-FRA expires Thu, 15 Sep 2022 19:14:35 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| aBootcompsLoaded function| yepnope object| AdobeEdge string| feed function| getUrlVars object| layer function| listen function| $ function| jQuery number| maxImage number| currentImage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

autofeed.bannersvideo.com
bannersvideo.com
cdnjs.cloudflare.com
refpa31055.top
178.253.37.78
2606:4700:3031::ac43:d78c
2606:4700:3036::6815:10bc
2606:4700::6811:180e
0016a42c41ba0ff62c322a47bc8b5026e949d341f1475b29eb72ab23a8eed665
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2f1e483a6e1afedaffba9ea0fdacbfe71774638bdc096e44c7f042a4386cc5b3
3281b8b9e5300ba427340635ad56db0abc3c3d2f7ea18b4b13d2dade5165c6b6
3c5db8cc666d29b8d06c83268da9ea2fc26bd22bd92c0a4db67b51a82affe7ed
94d5b4870874ccb42f8a691d1d3b762e8a244b88b9f6127f71ef829724aa55d6
a566417a6c0f62ffe255500118be34216be8160e46603513490e4bbf4fe6fb67
a6ce8ffe76f8d741f0e76235c3a05ade6c14765b126d5f2af510120f778a5269
a803ac71d84c14a910b89ed4673dd8f2b245a1fc2905721406d40ea0a9eff080
b0a3734af68a87b95e348fc5f2f670440b5d298991d03b097bef81a142d8c8dd
bd9444e6ad31085e91a619035fdf948cfda1147cb05cba624fb8f26f85792e85
dccccfca7e1583884bd49201b82e1af5d40c33d50abdfef0682117094e528d01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7032eff77b39d5f025824e4cf49d0518cfd11dba31d33ff244649d7dde3457e
fa1e6d5b976a4aaff8ee726d81538152b550a143a01c53f3ce9f4506f10ac617
ff3031dc4fb15d9da6bdfa5be86d2e74f9946acd346ce4147c73d0b898810124