urlscan.io logo urlscan.io
SecurityTrails logo

shawty.xzy.pw Open in urlscan Pro
151.101.65.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://4c.vc/7rkpD
Effective URL: https://shawty.xzy.pw/
Submission: On June 03 via api from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 54 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is shawty.xzy.pw.
TLS certificate: Issued by GTS CA 1D2 on April 21st 2021. Valid for: 3 months.
This is the only time shawty.xzy.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3035::6815:1d5 (United States)

ASN13335 (CLOUDFLARENET, US)
4c.vc
18    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
shawty.xzy.pw
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:3035::ac43:9858 (United States)

ASN13335 (CLOUDFLARENET, US)
api.4c.vc
1    2606:4700:3038::6815:e97c (United States)

ASN13335 (CLOUDFLARENET, US)
f.easyuploader.app
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
partner.googleadservices.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
18 shawty.xzy.pw shawty.xzy.pw
9 pagead2.googlesyndication.com shawty.xzy.pw
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 4c.vc 2 redirects
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 f.easyuploader.app shawty.xzy.pw
1 api.4c.vc shawty.xzy.pw
1 www.googletagmanager.com shawty.xzy.pw
54 17

This site contains links to these domains. Also see Links.

Domain
documenter.getpostman.com
hcloud.ltd
uploader.xzy.pw
elecv.app
Subject Issuer Validity Valid
dentalsantiago.cl
GTS CA 1D2		 2021-04-21 -
2021-07-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-15 -
2021-08-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://shawty.xzy.pw/
Frame ID: 8E153EB04C5EAF2985A47ECE6B211157
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: CA37BB9AB94F94F5667CD98A847D9558
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Frame ID: 34100CC5316F83A79A1BD3F4FD36A525
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&adk=1812271804&adf=3025194257&lmt=1589124936&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshawty.xzy.pw%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716778&bpp=2&bdt=1031&idt=175&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5404602748940&frm=20&pv=1&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=199
Frame ID: F80A921EA87822DAC8560D667EC862BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Frame ID: CFD39B06A06E24D14C80F5DCCBC5DC73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C1F73DCB67ED5B9A00D10CC6F7A3C724
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AF274C7A3522EAECF5F6341245193BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://4c.vc/7rkpD HTTP 302
    https://4c.vc/ HTTP 302
    https://shawty.xzy.pw/ Page URL

Page Statistics

54
Requests

100 %
HTTPS

88 %
IPv6

13
Domains

17
Subdomains

16
IPs

2
Countries

661 kB
Transfer

1937 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://4c.vc/7rkpD HTTP 302
    https://4c.vc/ HTTP 302
    https://shawty.xzy.pw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shawty.xzy.pw/
Redirect Chain
  • https://4c.vc/7rkpD
  • https://4c.vc/
  • https://shawty.xzy.pw/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea1ad458bcbfdcdaedb700100aabcf37a1027dffbd12ad6049d2eea2b6dc39ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
shawty.xzy.pw
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
"3630e63247f0da70f775687d3905b1c19618f89a3992587f511ffa124644ad3f"
last-modified
Sun, 10 May 2020 15:35:36 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Thu, 03 Jun 2021 08:58:35 GMT
x-served-by
cache-cdg20754-CDG
x-cache
MISS
x-cache-hits
0
x-timer
S1622710716.519397,VS0,VE217
vary
x-fh-requested-host, accept-encoding
content-length
1401

Redirect headers

date
Thu, 03 Jun 2021 08:58:35 GMT
content-type
text/html; charset=utf-8
location
https://shawty.xzy.pw
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
cf-request-id
0a72b19a580000dfbb9ead5000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9SOgjcdhqMvw73Q%2FymFTmath%2FBAog7L8Gb1eFDsGFWVRFfap0e2d%2B9x70hL5wbnU4%2BBKDG5Iu37QvKKxUbpleuX65T2NdGrsScaLWP3ihPZag7e4gEa0AHmXFTZ7oTU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597b87089c6dfbb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
app.55b816e7.css
shawty.xzy.pw/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/css/app.55b816e7.css
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1725a39aef202c0e6e7b601d7c294821ee5329d4a34120a012a7bc29a475828
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/css/app.55b816e7.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.758616,VS0,VE228
etag
"ad4585f69832e9ab28a1bcf57cee7da8356595b6371995f2acb22f9dfe16e2a9"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:35 GMT
accept-ranges
bytes
content-length
1114
x-cache-hits
0
chunk-vendors.0b93bb05.css
shawty.xzy.pw/css/ 		345 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/css/chunk-vendors.0b93bb05.css
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93ef018f7c42a74e6a4a685290592ea2f1af6a8ef4d535128d3eb560534396d5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/css/chunk-vendors.0b93bb05.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.758601,VS0,VE307
etag
"8bfd2d7b7e63455cf785cc77a674e041f7a29ff4f8d15646356f1ce96cf0b005"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
43154
x-cache-hits
0
app.8b65045d.js
shawty.xzy.pw/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/app.8b65045d.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65401c015dcaade8073ca6e4636f2589fab5a2a24403c9efce7ffbcc58fc5356
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/app.8b65045d.js
pragma
no-cache
origin
https://shawty.xzy.pw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://shawty.xzy.pw
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.758687,VS0,VE246
etag
"75a605d5045f31ae8ac86985c3c931308b39e278740e70c3ffd3e48d41d92cb3"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
7644
x-cache-hits
0
chunk-vendors.081e47a5.js
shawty.xzy.pw/js/ 		575 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-vendors.081e47a5.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
43ebafa2e7496b872bb88a560f7842c09d99bb3bc9ecb9f72a2d9351d0684bca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-vendors.081e47a5.js
pragma
no-cache
origin
https://shawty.xzy.pw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://shawty.xzy.pw
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.758978,VS0,VE473
etag
"e11162556c3b07993bc529db62bb437f930f74d532ac68f288ee5ba18f9fdfc4"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
172778
x-cache-hits
0
chunk-5cf4f343.ce478cb6.css
shawty.xzy.pw/css/ 		0
958 B 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/css/chunk-5cf4f343.ce478cb6.css
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/css/chunk-5cf4f343.ce478cb6.css
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.763750,VS0,VE180
etag
"dbcc3f9c012adaff13269d6fff7321119715ec82fa23145ef83eba2f6489d0f0"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:35 GMT
accept-ranges
bytes
content-length
818
x-cache-hits
0
chunk-a7ba0a58.22bd9aae.css
shawty.xzy.pw/css/ 		0
373 B 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/css/chunk-a7ba0a58.22bd9aae.css
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/css/chunk-a7ba0a58.22bd9aae.css
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.763797,VS0,VE198
etag
"5c3523aa0b87b575175e6dd79441cc5f37227243425c2b22c3a44dee16a9a8d2"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:35 GMT
accept-ranges
bytes
content-length
262
x-cache-hits
0
chunk-069c85a1.f28c4499.js
shawty.xzy.pw/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-069c85a1.f28c4499.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-069c85a1.f28c4499.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.960357,VS0,VE291
etag
"200461f261c5b3aaa7eb98af96e76d731cb1291f029e34d0e6533eb1ce4f3b91"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1819
x-cache-hits
0
chunk-34df3f2f.d3cf2aae.js
shawty.xzy.pw/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-34df3f2f.d3cf2aae.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-34df3f2f.d3cf2aae.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.977967,VS0,VE222
etag
"a44b52e6d8fd7ad2811626f0cd9f535a0b6349af4fe1c7881203a0dfbde42467"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1828
x-cache-hits
0
chunk-554da37a.6a1e72b0.js
shawty.xzy.pw/js/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-554da37a.6a1e72b0.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-554da37a.6a1e72b0.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.002919,VS0,VE194
etag
"6118bce47e0f2cee6ca7c3c184ec006fb5e08818325a896e167a71174648b300"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1328
x-cache-hits
0
chunk-5cf4f343.f3ec19f2.js
shawty.xzy.pw/js/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-5cf4f343.f3ec19f2.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-5cf4f343.f3ec19f2.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.029020,VS0,VE233
etag
"cde8e41519267eedcd0ed6e332e3ffcc6f6775123bf8b5a9e30f032b9fc68fde"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
8159
x-cache-hits
0
chunk-631931d6.957da521.js
shawty.xzy.pw/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-631931d6.957da521.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-631931d6.957da521.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.091816,VS0,VE248
etag
"55769cfca24c4579c12773642f9acfd2e383cf768705b78c2a8e3aa39620143d"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1635
x-cache-hits
0
chunk-6d30dbd6.0d175b7a.js
shawty.xzy.pw/js/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-6d30dbd6.0d175b7a.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-6d30dbd6.0d175b7a.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.212497,VS0,VE253
etag
"5afbe436f46c5425a5cc1580517fdbae023eedda7f29bcda97cc3240a70eab5b"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1366
x-cache-hits
0
chunk-a7ba0a58.6cdf5623.js
shawty.xzy.pw/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-a7ba0a58.6cdf5623.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-a7ba0a58.6cdf5623.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.216199,VS0,VE224
etag
"21c9b85b6e4cdbe4b41827f71236e95da35c69bfe3edc29ef152709a7eb8e974"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1979
x-cache-hits
1
chunk-b91415ec.7d5bc365.js
shawty.xzy.pw/js/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-b91415ec.7d5bc365.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-b91415ec.7d5bc365.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.270023,VS0,VE271
etag
"31a2ed9da6676eea1af082e18cbd5b08c1ca85c2c31a0ee300852ebf7f09a6d2"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1343
x-cache-hits
0
chunk-edb20a64.47c51a0b.js
shawty.xzy.pw/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-edb20a64.47c51a0b.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-edb20a64.47c51a0b.js
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
application/signed-exchange;v=b3;q=0.9,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
empty
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.270217,VS0,VE314
etag
"e2b4bfc1b377236e8737bf062d61bc41b9bcf6eb434d30efdaae9bbe6a232506"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1984
x-cache-hits
0
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164642984-1
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/js/chunk-vendors.081e47a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0c047563123ca85c0ef76d6e47353b07a07e1b0cae8c8727e7e9f356a599e862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35938
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 08:58:36 GMT
chunk-a7ba0a58.22bd9aae.css
shawty.xzy.pw/css/ 		460 B
395 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/css/chunk-a7ba0a58.22bd9aae.css
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/js/app.8b65045d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c3048ee540330c5d49fadbdd4d5a466f26083b4ceeab7eea08f76fb00860592
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/css/chunk-a7ba0a58.22bd9aae.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.333151,VS0,VE0
etag
"5c3523aa0b87b575175e6dd79441cc5f37227243425c2b22c3a44dee16a9a8d2"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
262
x-cache-hits
1
chunk-a7ba0a58.6cdf5623.js
shawty.xzy.pw/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shawty.xzy.pw/js/chunk-a7ba0a58.6cdf5623.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/js/app.8b65045d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2a45262a6f9a5211954ac007001122559b8f02366f048c458b277a6d0313a3f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/js/chunk-a7ba0a58.6cdf5623.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
shawty.xzy.pw
referer
https://shawty.xzy.pw/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
gzip
last-modified
Sun, 10 May 2020 15:35:36 GMT
x-timer
S1622710716.350911,VS0,VE89
etag
"21c9b85b6e4cdbe4b41827f71236e95da35c69bfe3edc29ef152709a7eb8e974"
x-served-by
cache-cdg20754-CDG
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=2592000
date
Thu, 03 Jun 2021 08:58:36 GMT
accept-ranges
bytes
content-length
1979
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164642984-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6433
date
Thu, 03 Jun 2021 07:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 03 Jun 2021 09:11:23 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1412809682&t=pageview&_s=1&dl=https%3A%2F%2Fshawty.xzy.pw%2F&ul=en-us&de=UTF-8&dt=shawty%20-%20%E7%9F%AD%E7%B8%AEURL%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1635334225&gjid=1483973338&cid=745116975.1622710716&tid=UA-164642984-1&_gid=298775280.1622710716&_r=1&gtm=2ou5q1&z=2120832486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 08:58:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shawty.xzy.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/js/chunk-vendors.081e47a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48423
x-xss-protection
0
server
cafe
etag
14961557847784475286
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 08:58:36 GMT
count
api.4c.vc/ 		4 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.4c.vc/count
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/js/chunk-vendors.081e47a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84909d7fba7798e68cbb865e5a577137b5d979e7527eb80ebf4aae1707496eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:37 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4
x-xss-protection
1; mode=block
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lrpHffeknV6NlROB8sNJzUgMwEScpDQPzFWR6zF%2FEbPzpQG5DwrKscAD6ZWPiPnwYvz7vk362Xlb6q4GYsr53%2FRSdVyvMh86ciEMlYN9Eq3JhGvkFcEyo5viGQ%2BNpcBnTRBr"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://shawty.xzy.pw
access-control-expose-headers
Content-Length
access-control-allow-credentials
true
cf-request-id
0a72b1a0710000145a0d181000000001
cf-ray
6597b87a481a145a-FRA
20200427185651_6754395a4c316747436d.png
f.easyuploader.app/eu-prd/upload/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.easyuploader.app/eu-prd/upload/20200427185651_6754395a4c316747436d.png
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e97c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc22083dbba2aa9aa8fc98c0f0056ca675cc1a549da3382da08a53ca75f3c599
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:37 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
357949
cf-ray
6597b87ad867176a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21071
x-xss-protection
1; mode=block
last-modified
Mon, 27 Apr 2020 09:56:51 GMT
server
cloudflare
etag
"00000000000000000000000000000000-1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KzZvSB96EzHezwlT%2FIo1jkOxA7IWeU4N9Nh5V0DBX4thLpVd3JcOqqYWV%2FGMrrqK9CUIqIvu3eky8QU6Cb2OW3ACnQaNDiR67vGAOsVXTfNgW5J8%2BkkNAyiKGyALqYSD8qMIwPe41S5sQR4g"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
1683C14282652353
cache-control
max-age=31536000
content-security-policy
block-all-mixed-content
cf-request-id
0a72b1a0cc0000176a5f326000000001
accept-ranges
bytes
content-type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/ 		233 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87751
x-xss-protection
0
server
cafe
etag
1549945764410104263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 08:58:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame CA37 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210525/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shawty.xzy.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shawty.xzy.pw/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 03 Jun 2021 01:21:09 GMT
expires
Thu, 17 Jun 2021 01:21:09 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
27447
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		196 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=shawty.xzy.pw&callback=_gfp_s_&client=ca-pub-6042959271745689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5e0499e2b7430d8dd62db485cff4634b648935bdde262c0c5eb05c9353c221eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
188
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=shawty.xzy.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shawty.xzy.pw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 08:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3410 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38a6bb4740417ae8eaf76710ca3606004cc1d0020754fa0f12fcc34c54fc211a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shawty.xzy.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shawty.xzy.pw/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 03 Jun 2021 08:58:37 GMT
server
cafe
content-length
24241
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 09:13:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 08:58:37 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656037121142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28114
x-xss-protection
0
expires
Thu, 03 Jun 2021 08:58:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fshawty.xzy.pw%2F&tn=FOOTER&cls=footer%20footer-desktop&ign=false
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 08:58:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fshawty.xzy.pw%2F&tn=NAV&cls=navbar%20is-fixed-top&ign=false
Requested by
Host: shawty.xzy.pw
URL: https://shawty.xzy.pw/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 08:58:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F80A 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&adk=1812271804&adf=3025194257&lmt=1589124936&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshawty.xzy.pw%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716778&bpp=2&bdt=1031&idt=175&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5404602748940&frm=20&pv=1&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6042959271745689&output=html&adk=1812271804&adf=3025194257&lmt=1589124936&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshawty.xzy.pw%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716778&bpp=2&bdt=1031&idt=175&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=5404602748940&frm=20&pv=1&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shawty.xzy.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shawty.xzy.pw/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 03 Jun 2021 08:58:37 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 03-Jun-2021 09:13:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Jun 2021 08:58:37 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 3410 		6 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 08:57:40 GMT
server
ESF
date
Thu, 03 Jun 2021 08:58:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 08:58:37 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 3410 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 08:45:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 3410 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
server
cafe
etag
13581262519725736155
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 08:51:30 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5978631994133213947/ Frame 3410 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5978631994133213947/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec11a72141109e2ef795f7bb42632cf3e0c7d8e24d28be2f68f50db9b375be5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:35:33 GMT
x-content-type-options
nosniff
age
181384
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15452
x-xss-protection
0
last-modified
Fri, 21 Aug 2020 10:30:02 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 06:35:33 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/12739471435488419854/ Frame 3410 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12739471435488419854/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2db3abf5ec48d300f29193815d39a98404944bb91420a69f29bed52645a0e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 23:08:57 GMT
x-content-type-options
nosniff
age
208180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4382
x-xss-protection
0
last-modified
Mon, 24 Aug 2020 10:15:02 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 May 2022 23:08:57 GMT
truncated
/ Frame 3410 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 3410 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:57:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 08:57:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3410 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622656031336809"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37735
x-xss-protection
0
expires
Thu, 03 Jun 2021 08:58:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 3410 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1319581658596578636
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Jun 2021 08:58:22 GMT
3b821d177d35ff0343c5a517c12ac1c9.js
www.gstatic.com/mysidia/ Frame 3410 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10549
x-xss-protection
0
last-modified
Thu, 27 May 2021 01:51:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 29 Aug 2021 21:40:43 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3410 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CH0JevZm4YJICvcnV8A_I-rDoDP3jo8JfgcaIge0LjIuFngsQASDL1YMbYJUCoAHM5eL0A8gBCakCiZpwXY96tD6oAwHIA8sEqgSwAU_QTZDIqCudagfRKpIX1SubLfjqS98nVl5xSAp-EjrHUfF8-71HXdTuObCGYnA7ruwETaso8KwIuGxlh5Vrn65_3NslMeiCMIIyfM5Fok8g-ZV0mgJ9MfKG_iUxP2z4BUCfCDUPm6xwLuaGTGIlgRqGzF2RzsQUUCRGWXRxPo0E6XM9Q_xKDnKPHcUFVBhk4JP0h8q304XCe7YFRHJ4NZebIZK3EX8jB-yXmqdTh-umwASo2vyn2QGSBQQIBBgBkgUECAUYBKAGLoAHnJqdC6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCB-gLSCAkIgOGAEBABGB-ACgHICwHYEw2IFAbQFQGAFwGyFxoKGAgAEhRwdWItNjA0Mjk1OTI3MTc0NTY4OQ&sigh=zfbVyZ0CSSM&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 03 Jun 2021 08:58:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Jun 2021 08:58:37 GMT
truncated
/ Frame 3410 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b68e26f7521ef0c29a32793544d88ec103086987d47d9b3c058f3625e90e4dfe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3410 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:57:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
187290
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Wed, 01 Jun 2022 04:57:07 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 3410 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
122930
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Wed, 01 Jun 2022 22:49:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f2b096771e76c64ba9c0a2ff2193b308be71844a0d576f0c7f70e56d40fdcae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 08:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7619
x-xss-protection
0
6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
pagead2.googlesyndication.com/bg/ Frame CFD3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6042959271745689&output=html&h=280&slotname=4357633241&adk=1968422212&adf=4230176469&pi=t.ma~as.4357633241&w=1200&fwrn=4&fwrnh=100&lmt=1589124936&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fshawty.xzy.pw%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622710716753&bpp=12&bdt=1006&idt=102&shv=r20210525&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=5404602748940&frm=20&pv=2&ga_vid=745116975.1622710716&ga_sid=1622710717&ga_hid=1412809682&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=899&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44744332&oid=3&pvsid=237113991655160&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=UJO4sHOpYb&p=https%3A//shawty.xzy.pw&dtd=182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
6314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5787
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 07:13:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210525/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6042959271745689&plah=shawty.xzy.pw&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 08:58:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C1F7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shawty.xzy.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shawty.xzy.pw/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 07:16:34 GMT
expires
Fri, 03 Jun 2022 07:16:34 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
6124
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7AF2 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd3bc98d655f4208cb7a8650cefdad70ba8212496a2e85d7587cc912dc161612
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u7rwiF65jPQjk2mtx5fldA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://shawty.xzy.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shawty.xzy.pw/

Response headers

expires
Thu, 03 Jun 2021 08:58:38 GMT
date
Thu, 03 Jun 2021 08:58:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-u7rwiF65jPQjk2mtx5fldA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
pagead2.googlesyndication.com/bg/ Frame C1F7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
6315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5787
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 07:13:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210525&jk=237113991655160&bg=!xMelx4PNAAaMan2LjGo7ACkAdvg8WkCQSf_ktaozpxZMpOp0yWVXec1MYnSoUOeXEKePtAmJ6oFEiAIAAAEiUgAAABZoAQcKAGm_MwVn17LGXBPfKzMHwodJKyX1VsAAeSRSWEh9M7nBRRryMhoZ6dVyEu72mgvRcTRuBB-uKxqG4ws57FyqQ_O1Yhj6suOJqlbkBYEJVSp_sYv2Vbjo8WKPXVQKeQbbAmxm35YPFHQCVSSZAjRjB8jgDrZKxCJOfTC0j65gFWYdnST08RsD_xh8X-kvky1pt7wV3-MNFUzS9BQstSkTfo2D0pBi646kAehhtmdt-tI2GMNyDFB3OriaJymKNdtQX76o1DwNtnDAdA0ddipmbCHI1aEwZVCdW1YHINOh1S890gI3Mh-ikLUeNVh2Ss6MgvBjhmXBuopTYGcPx71tskR4duqXn30bMLzECvJvW8dGmZJhc-KyquzCkXYmmws7n0ynCFRuFhyB4cd6NAuMmC_vRqGAb-F0d09M6ZoyIeEu77eC4yKBMZO7KT9t0vCzImMPxtp_7FstObP-3jNSW5JL4-I7eeefRma67kpFDCzUAH6OunLXdH_ZD9cZCSAgeP6xzinpYUJ7eqlirEsV-J2cVzZIJAGDCsAN9rNag6ebnMVEJV0QKhViyigABdHqyGEcZNqwWnA2ESpC5bcX6XuhtNoAVFBJ88et0WDwNv9QAlbSWlaVNBPAiR1t-0j-Pzh38wMV27UPqxWoYqi6jP085cApxpm4L3qoFfpD2_PCrk6T8EzTsdFB_n207StKHLDtK_HVZi6iutVCXpfKv3FOy94_zfr9HE18DzWUyy0uvYmMcRL7t86UD2_LdbOriu7fzHs7c9e9qaoGQond6Fyf6b3LW-n4vENUC0_aNlmR_-I35VR4aJcmTa_TRMNp8R4FgUjolWhm8uJxORbwR2-p7XH9o8PPtrYsitwRUstc5tVzIkfmcVoTmYXOpcl4V8c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shawty.xzy.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 08:58:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3410 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsty3Vo885HyDif8QZ46G_i85DYMj1gQYo5xQylLtlP_2490tUtjcYUVRx56p6NemLceNgzsDWzkPHCd2D3nZ2SXIH78H-X7LtjdEvxC6I_IbNO4Rvf9A8ue9tgntg&sai=AMfl-YTN7VS3LFZ5mDasQRgYwKkkToxtjoJxPzXX-YE84MnVov8WZIL8BIKFYZXlQgGfFHcdD7Q2s2HvTwxS&sig=Cg0ArKJSzBYxnJ7MLYQjEAE&id=lidar2&mcvt=1000&p=899,200,1179,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1968422212&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622710716947&dlt=604&rpt=144&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 08:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp object| FontAwesomeConfig object| ___FONT_AWESOME___ object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
console-api error URL: https://shawty.xzy.pw/js/chunk-vendors.081e47a5.js(Line 7)
Message:
TypeError: Cannot read property 'https://shawty.xzy.pw/roles' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c.vc
adservice.google.com
adservice.google.de
api.4c.vc
f.easyuploader.app
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
shawty.xzy.pw
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.130
151.101.65.195
2606:4700:3035::6815:1d5
2606:4700:3035::ac43:9858
2606:4700:3038::6815:e97c
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
0c047563123ca85c0ef76d6e47353b07a07e1b0cae8c8727e7e9f356a599e862
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
38a6bb4740417ae8eaf76710ca3606004cc1d0020754fa0f12fcc34c54fc211a
3f2db3abf5ec48d300f29193815d39a98404944bb91420a69f29bed52645a0e4
43ebafa2e7496b872bb88a560f7842c09d99bb3bc9ecb9f72a2d9351d0684bca
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
4ec11a72141109e2ef795f7bb42632cf3e0c7d8e24d28be2f68f50db9b375be5
53c1737bf97ae4d686956bf2c7caff015329c9aa554ed0ebfc24893dfbe2fddf
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
5e0499e2b7430d8dd62db485cff4634b648935bdde262c0c5eb05c9353c221eb
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
65401c015dcaade8073ca6e4636f2589fab5a2a24403c9efce7ffbcc58fc5356
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7c3048ee540330c5d49fadbdd4d5a466f26083b4ceeab7eea08f76fb00860592
7f2b096771e76c64ba9c0a2ff2193b308be71844a0d576f0c7f70e56d40fdcae
85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965
93ef018f7c42a74e6a4a685290592ea2f1af6a8ef4d535128d3eb560534396d5
a2a45262a6f9a5211954ac007001122559b8f02366f048c458b277a6d0313a3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b68e26f7521ef0c29a32793544d88ec103086987d47d9b3c058f3625e90e4dfe
bd3bc98d655f4208cb7a8650cefdad70ba8212496a2e85d7587cc912dc161612
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cc22083dbba2aa9aa8fc98c0f0056ca675cc1a549da3382da08a53ca75f3c599
dd233c705ebb6129045b560c19e9bf225d7463f4c96236e2adbc162d4e53fec1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84909d7fba7798e68cbb865e5a577137b5d979e7527eb80ebf4aae1707496eb
ea1ad458bcbfdcdaedb700100aabcf37a1027dffbd12ad6049d2eea2b6dc39ed
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1725a39aef202c0e6e7b601d7c294821ee5329d4a34120a012a7bc29a475828
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549