gitus.net Open in urlscan Pro
78.135.87.2  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gitus.net/watch/	110 KB 36 KB	736ms 396ms	Document text/html	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Full URL https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash 9a7de868327200c50a3903e8437cdfea7063c1dca3a132580d6696cc8e2b8094 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-type text/html; charset=UTF-8 date Wed, 13 Mar 2024 19:36:47 GMT link <https://gitus.net/wp-json/>; rel="https://api.w.org/" <https://gitus.net/wp-json/wp/v2/pages/34>; rel="alternate"; type="application/json" <https://gitus.net/?p=34>; rel=shortlink vary Accept-Encoding x-ua-compatible IE=edge
GET H2	200	style.min.css gitus.net/wp-includes/css/dist/block-library/	108 KB 13 KB	191ms 186ms	Stylesheet text/css	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Full URL https://gitus.net/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3 Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:32:40 GMT content-encoding br last-modified Wed, 31 Jan 2024 13:24:56 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 13600 expires Wed, 20 Mar 2024 19:32:40 GMT
GET H2	200	main.min.css gitus.net/wp-content/themes/generatepress/assets/css/	19 KB 4 KB	191ms 189ms	Stylesheet text/css	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Full URL https://gitus.net/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0 Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:32:40 GMT content-encoding br last-modified Tue, 06 Feb 2024 18:24:35 GMT vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 4416 expires Wed, 20 Mar 2024 19:32:40 GMT
GET H2	200	download.png gitus.net/	20 KB 20 KB	210ms 208ms	Image image/png	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Show image Full URL https://gitus.net/download.png Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash afa9f5dfe64ad5cdb1b32643de4ff779b19702b4e8518257dd7b308a1bbabfe9 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-type image/png date Wed, 13 Mar 2024 19:32:40 GMT cache-control public, max-age=604800 last-modified Fri, 10 Mar 2023 20:47:24 GMT accept-ranges bytes content-length 20500 expires Wed, 20 Mar 2024 19:32:40 GMT
GET H2	200	telegram-channel-300x96.webp gitus.net/wp-content/uploads/2023/05/	6 KB 6 KB	223ms 222ms	Image image/webp	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Show image Full URL https://gitus.net/wp-content/uploads/2023/05/telegram-channel-300x96.webp Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash 246018f0503266eae1b1dfe2a1a3ab030c78a5d52d954eea666ac5dc3546b311 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-type image/webp date Wed, 13 Mar 2024 19:32:40 GMT cache-control public, max-age=604800 last-modified Sun, 28 May 2023 09:41:28 GMT accept-ranges bytes content-length 5792 expires Wed, 20 Mar 2024 19:32:40 GMT
GET H2	200	watch.png gitus.net/	8 KB 8 KB	232ms 231ms	Image image/png	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Show image Full URL https://gitus.net/watch.png Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash c1d8dc2251b0aa54f76a35bea77de389198d272f7938e92d10d9755ee70b6ca5 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-type image/png date Wed, 13 Mar 2024 19:32:40 GMT cache-control public, max-age=604800 last-modified Tue, 28 Mar 2023 07:31:20 GMT accept-ranges bytes content-length 8094 expires Wed, 20 Mar 2024 19:32:40 GMT
GET H2	200	menu.min.js Show response gitus.net/wp-content/themes/generatepress/assets/js/	7 KB 2 KB	233ms 233ms	Script application/javascript	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Full URL https://gitus.net/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0 Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash 395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:32:40 GMT content-encoding br last-modified Tue, 06 Feb 2024 18:24:35 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 1546 expires Wed, 20 Mar 2024 19:32:40 GMT
GET BLOB	200 OK	5cbd37be-2841-4789-84cf-4f18c4565d17 https://gitus.net/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://gitus.net/5cbd37be-2841-4789-84cf-4f18c4565d17 Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H/1.1	403 Forbidden	invoke.js continentalfinishdislike.com/0628c4627ca50d7aec78b63c9d6947bc/	0 0	602ms 200ms	Script application/javascript	172.240.253.132 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://continentalfinishdislike.com/0628c4627ca50d7aec78b63c9d6947bc/invoke.js Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers Referer https://gitus.net/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 13 Mar 2024 19:36:48 GMT Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H/1.1	403 Forbidden	invoke.js continentalfinishdislike.com/b11545e588bb39ae3149b6e82aed3eb2/	0 0	200ms 199ms	Script application/javascript	172.240.253.132 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://continentalfinishdislike.com/b11545e588bb39ae3149b6e82aed3eb2/invoke.js Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers Referer https://gitus.net/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 13 Mar 2024 19:36:48 GMT Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H/1.1	403 Forbidden	invoke.js continentalfinishdislike.com/871902a25f4f75ff642515ce6baf163b/	0 0	197ms 196ms	Script application/javascript	172.240.253.132 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://continentalfinishdislike.com/871902a25f4f75ff642515ce6baf163b/invoke.js Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.240.253.132 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx/1.21.6 / Resource Hash Request headers Referer https://gitus.net/ accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Wed, 13 Mar 2024 19:36:48 GMT Server nginx/1.21.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H2	200	tag.min.js Show response arvigorothan.com/	77 KB 27 KB	390ms 135ms	Script text/javascript	104.21.30.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://arvigorothan.com/tag.min.js Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.30.34 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17bb7c3d674f2306420fc23f2f68773fb5f04e7fd976fac7f41bcb2390adc3fa Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:48 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 80013 alt-svc h3=":443"; ma=86400 x-trace-id 45f1611fc1cd24c9b713a4d0ad788d81 pragma no-cache last-modified Tue, 12 Mar 2024 17:51:09 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 server cloudflare access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ7FQVJPLb9SegSzmIFnZr%2Fg212Jr2ZpOW6cBG1oWlH1o5T%2BLvoM5UrH3eHyj8KHGmyS%2Bp22C7f6QcVBfKt00RW6WVmj9lucc1XTUSLuQbdvFG%2BRwf4NptZr%2FVWwfdh%2B2q0o"}],"group":"cf-nel","max_age":604800} cache-control max-age=86400 access-control-allow-credentials true vary Accept-Encoding timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace cf-ray 863e799948a14bed-MXP expires Wed, 13 Mar 2024 21:23:10 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	433ms 156ms	Script text/javascript	104.20.67.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.67.115 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:48 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:44:16 GMT server cloudflare age 84174 etag "-375139978" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 863e79997dc7bac1-MXP content-length 4547
GET H3	200	wp-emoji-release.min.js Show response gitus.net/wp-includes/js/	18 KB 5 KB	157ms 156ms	Script application/javascript	78.135.87.2 MARKAHOST-TELEKOM...
General Check archive.org Show headers Download Go to Full URL https://gitus.net/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3 Requested by Host: gitus.net URL: https://gitus.net/watch/?=Link-Leaked Protocol H3 Security QUIC, , AES_128_GCM Server 78.135.87.2 , Turkey, ASN207279 (MARKAHOST-TELEKOMUNIKASYON-LIMITED-SIRKETI MARKAHOST, TR), Reverse DNS venus.markahost.com Software / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/watch/?=Link-Leaked User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:48 GMT content-encoding br last-modified Thu, 30 Mar 2023 01:53:49 GMT vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 4651 expires Wed, 20 Mar 2024 19:36:48 GMT
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	52 B 186 B	627ms 205ms	Script text/html	149.56.240.131 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4740775&@f16&@g1&@h1&@i1&@j1710358608958&@k0&@l1&@mClick%20to%20Access%20the%20Link&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-137815094&@b3:1710358609&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fgitus.net%2Fwatch%2F%3F%3DLink-Leaked&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns534299.ip-149-56-240.net Software / Resource Hash cfe10f0a80094b2f1f1cee2d211c2dd175b855c962dc9b7cc06ec91e34ecd0d9 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 19:36:49 GMT Connection close Content-Length 52 Content-Type text/html;charset=UTF-8
GET H2	200	/ Show response ungothoritator.com/5/5732868/	148 B 1 KB	382ms 123ms	XHR application/json	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ungothoritator.com/5/5732868/?oo=1&js_build=iclick-v1.726.1-auto&is_mobile=false Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 9d266b36355bce7797fb68f7b42719270be99efeabd451fd5124459ec4cd57da Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:49 GMT content-length 148 x-trace-id 413cfc858a4c5e2e4886ddbbbc0ff5ae pragma no-cache, no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://gitus.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 539 B	395ms 136ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b9717952b0f392c6e467671c5fe06d447499aef96a3a755c127e0f987a9f9b7b Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:49 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://gitus.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	/ Show response ungothoritator.com/5/5732868/	3 KB 2 KB	124ms 124ms	XHR application/json	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ungothoritator.com/5/5732868/?abt_opts=1&oo=1&js_build=iclick-v1.726.1-auto&is_mobile=false&userId=5a7f4006a0074149aebe2ab6aafeb9d2&is_mobile=false Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 654ff5fc545f5a91087c5317823912af7159eda18ff080399d50ced632d6be53 Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:49 GMT content-encoding gzip x-trace-id 8bc53c9a8d705ddc6fb9dd445d74e21d pragma no-cache, no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://gitus.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ Show response ungothoritator.com/	3 KB 3 KB	129ms 129ms	Fetch application/json	139.45.197.244 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ungothoritator.com/?rb=gh_9zaPGP4hC4Y4F_SLAkoA64kgLHfn0Ylm6LFQkR2GEqfUaUor7HymSf5BKjxTP2uaARxwi0zubSybyOiDfh4HHeFofGbVPUUdYzkwBWoesUnz3nhDwGXL3YU6ZUcHW8FS_bbtbS41vTQH-sFu1wphpCix2wJdAV07LYTDdxrFSnAqGu0qR2SMJx90Z37kyOfpWmTzm1e0AHXV5DFzMpt7rGbZ2M85jVX0zKWRQWYZkv35BTmcYSLGBTZzG-VTM3vfT5aOUCU2Caad2UMfmqEpRcwPv9L2NnqHAv0jEiB3D4otjwgffO2ScIiGa_uHc&request_ab2=400701&zoneid=5732868&js_build=iclick-v1.726.1-auto&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1200&sah=1200&wx=0&wy=0&cw=1600&wfc=0&pl=https%3A%2F%2Fgitus.net%2Fwatch%2F%3F%3DLink-Leaked&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Asia%2FJerusalem&bto=-120&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.726.1-auto&navlng=en-US&pnt=0&pnrc=0&bs=09e7c813-4a7d-4b34-9dc0-38eec88e7017&userId=5a7f4006a0074149aebe2ab6aafeb9d2&is_mobile=false&m=link Requested by Host: arvigorothan.com URL: https://arvigorothan.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 6739faa66a72bd24ca571832bba780011f2e66f722f68dc2c3228b4fa523790c Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language he-IL,he;q=0.9 Referer https://gitus.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 19:36:50 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id 83bbdfc690cd04e7bb05db4ba80657c8 pragma no-cache server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64 access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://gitus.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings object| atOptions object| _Hasync object| generatepressMenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| twemoji object| wp function| chfh function| chfh2 string| _HST_cntval object| Histats object| zfgstorage object| qrxma8nvnh object| zfgformats function| onClickTrigger boolean| zfgloadedpopup object| syncCallbacks object| _HistatsCounterGraphics_0_setValues boolean| zfgonclickfirst function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gitus.net/	1970-01-21 03:51:34	Name: HstCfa4740775 Value: 1710358608958
			gitus.net/	1970-01-21 03:51:34	Name: HstCla4740775 Value: 1710358608958
			gitus.net/	1970-01-21 03:51:34	Name: HstCmu4740775 Value: 1710358608958
			gitus.net/	1970-01-21 03:51:34	Name: HstPn4740775 Value: 1
			gitus.net/	1970-01-21 03:51:34	Name: HstPt4740775 Value: 1
			gitus.net/	1970-01-21 03:51:34	Name: HstCnv4740775 Value: 1
			gitus.net/	1970-01-21 03:51:34	Name: HstCns4740775 Value: 1
			my.rtmark.net/	1970-01-21 03:51:34	Name: ID Value: 5a7f4006a0074149aebe2ab6aafeb9d2
			ungothoritator.com/	1970-01-21 03:51:34	Name: OAID Value: 5a7f4006a0074149aebe2ab6aafeb9d2
			ungothoritator.com/	1970-01-20 19:16:03	Name: syncedCookie Value: true
			gitus.net/	1970-01-20 19:05:58	Name: prefetchAd_5732868 Value: true
			ungothoritator.com/	1970-01-21 03:51:34	Name: oaidts Value: 1710358610

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 101) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/0628c4627ca50d7aec78b63c9d6947bc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 101) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/0628c4627ca50d7aec78b63c9d6947bc/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://continentalfinishdislike.com/0628c4627ca50d7aec78b63c9d6947bc/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 120) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/b11545e588bb39ae3149b6e82aed3eb2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 120) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/b11545e588bb39ae3149b6e82aed3eb2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://continentalfinishdislike.com/b11545e588bb39ae3149b6e82aed3eb2/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/871902a25f4f75ff642515ce6baf163b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gitus.net/watch/?=Link-Leaked(Line 137) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://continentalfinishdislike.com/871902a25f4f75ff642515ce6baf163b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://continentalfinishdislike.com/871902a25f4f75ff642515ce6baf163b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gitus.net/watch/?=Link-Leaked Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arvigorothan.com
continentalfinishdislike.com
gitus.net
my.rtmark.net
s10.histats.com
s4.histats.com
ungothoritator.com
104.20.67.115
104.21.30.34
139.45.195.8
139.45.197.244
149.56.240.131
172.240.253.132
78.135.87.2
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
17bb7c3d674f2306420fc23f2f68773fb5f04e7fd976fac7f41bcb2390adc3fa
246018f0503266eae1b1dfe2a1a3ab030c78a5d52d954eea666ac5dc3546b311
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
654ff5fc545f5a91087c5317823912af7159eda18ff080399d50ced632d6be53
6739faa66a72bd24ca571832bba780011f2e66f722f68dc2c3228b4fa523790c
9a7de868327200c50a3903e8437cdfea7063c1dca3a132580d6696cc8e2b8094
9d266b36355bce7797fb68f7b42719270be99efeabd451fd5124459ec4cd57da
afa9f5dfe64ad5cdb1b32643de4ff779b19702b4e8518257dd7b308a1bbabfe9
b9717952b0f392c6e467671c5fe06d447499aef96a3a755c127e0f987a9f9b7b
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
c1d8dc2251b0aa54f76a35bea77de389198d272f7938e92d10d9755ee70b6ca5
cfe10f0a80094b2f1f1cee2d211c2dd175b855c962dc9b7cc06ec91e34ecd0d9