tomsguideax.pages.dev Open in urlscan Pro
172.66.44.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Submission Tags: @ecarlesi possiblethreat phishing netflix Search All
Submission: On January 05 via api (January 5th 2024, 11:55:36 pm UTC) from IT — Scanned from IT

Summary HTTP 38 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 38 HTTP transactions. The main IP is 172.66.44.84, located in United States and belongs to CLOUDFLARENET, US. The main domain is tomsguideax.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2024. Valid for: 3 months.

This is the only time tomsguideax.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.66.44.84 172.66.44.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	172.64.173.31 172.64.173.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.124.14.40 3.124.14.40	16509 (AMAZON-02) (AMAZON-02)
3	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
4	18.173.187.29 18.173.187.29	16509 (AMAZON-02) (AMAZON-02)
1	104.20.80.99 104.20.80.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.86.121 104.21.86.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	54.39.156.32 54.39.156.32	16276 (OVH) (OVH)
1	104.26.7.19 104.26.7.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.64.205.8 172.64.205.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
3	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
38	14

4 172.66.44.84 (United States)

ASN13335 (CLOUDFLARENET, US)

tomsguideax.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

clearancejoinjavelin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.173.31 (United States)

ASN13335 (CLOUDFLARENET, US)

friendshipmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.14.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-14-40.eu-central-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

harmglitchorder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.187.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-29.muc50.r.cloudfront.net

mos.fie.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.80.99 (None, )

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.86.121 (None, )

ASN13335 (CLOUDFLARENET, US)

banquetunarmedgrater.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

indecentcurvelawsuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.39.156.32 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ns562579.ip-54-39-156.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.19 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.yourwebbars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.205.8 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.creative-bars1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	indecentcurvelawsuit.com indecentcurvelawsuit.com	8 KB
6	creative-bars1.com cdn.creative-bars1.com — Cisco Umbrella Rank: 15617	22 KB
4	futurecdn.net mos.fie.futurecdn.net — Cisco Umbrella Rank: 39026	15 KB
4	pages.dev tomsguideax.pages.dev	54 KB
3	gstatic.com fonts.gstatic.com	47 KB
2	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 12415	850 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 8421 s4.histats.com — Cisco Umbrella Rank: 7990	5 KB
2	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 9491	607 B
2	clearancejoinjavelin.com clearancejoinjavelin.com	45 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
1	yourwebbars.com cdn.yourwebbars.com — Cisco Umbrella Rank: 30141	2 KB
1	banquetunarmedgrater.com banquetunarmedgrater.com — Cisco Umbrella Rank: 18082	559 B
1	harmglitchorder.com harmglitchorder.com	469 B
1	friendshipmale.com friendshipmale.com — Cisco Umbrella Rank: 11388	27 KB
38	14

	Domain	Requested by
8	indecentcurvelawsuit.com	clearancejoinjavelin.com
6	cdn.creative-bars1.com	clearancejoinjavelin.com
4	mos.fie.futurecdn.net	tomsguideax.pages.dev
4	tomsguideax.pages.dev	tomsguideax.pages.dev
3	fonts.gstatic.com	fonts.googleapis.com
2	unseenreport.com
2	proftrafficcounter.com	clearancejoinjavelin.com
2	clearancejoinjavelin.com	tomsguideax.pages.dev
1	fonts.googleapis.com	clearancejoinjavelin.com
1	cdn.yourwebbars.com	clearancejoinjavelin.com
1	s4.histats.com	s10.histats.com
1	banquetunarmedgrater.com	clearancejoinjavelin.com
1	s10.histats.com	tomsguideax.pages.dev
1	harmglitchorder.com	tomsguideax.pages.dev
1	friendshipmale.com	clearancejoinjavelin.com
38	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
reddit.com
facebook.com
api.whatsapp.com
telegram.me
harmglitchorder.com

Subject Issuer	Validity	Valid
tomsguideax.pages.dev GTS CA 1P5	`2024-01-05` - `2024-04-04`	3 months	crt.sh
clearancejoinjavelin.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-18` - `2024-02-17`	a year	crt.sh
proftrafficcounter.com Amazon RSA 2048 M03	`2023-11-21` - `2024-12-19`	a year	crt.sh
harmglitchorder.com R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
mos.fie.futurecdn.net Amazon RSA 2048 M03	`2023-11-15` - `2024-12-13`	a year	crt.sh
banquetunarmedgrater.com GTS CA 1P5	`2023-11-09` - `2024-02-07`	3 months	crt.sh
indecentcurvelawsuit.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
*.unseenreport.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
creative-bars1.com GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Frame ID: 50E1310D3484473B17C484CF289E8EE4
Requests: 31 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap
Frame ID: 414CE887C9A1037F9542A23043E1D581
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix And The Cw Just Canceled Three Shows And People Are Upset | tomsguide

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

229 kB
Transfer

572 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet/?text=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset&url=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f&hashtags=

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f&title=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset&summary=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset&source=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f&title=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset%20-%20https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?text=Netflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset&url=https%3a%2f%2ftomsguideax.pages.dev%2fposts%2fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2f

Search URL Search Domain Scan URL

URL: http://harmglitchorder.com/hraxuwv4?auhhis=70&refer=https%3A%2F%2Ftomsguideax.pages.dev%2Fposts%2Fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2F&kw=%5B%5D&key=e4762f9b24d98cd34d2eff6f8ae3dfa0&scrWidth=1600&scrHeight=1200&tz=1&v=23.12.v.10&ship=&psid=FEATURES-1671-layer_0&sub3=invoke_layer&res=14.31&dev=r&uuid=4d115ae5-c32c-4fa5-982b-6c15cdcabbc0%3A3%3A1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/ 40 KB
9 KB 581ms
129ms Document
text/html 172.66.44.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55a32bc5487a9569a73606fc933285ba410bae625891d42469d3f3fef740f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 840fa7082aa4bb13-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 23:55:30 GMT
etag: W/"afff08f9cd532306c4ba691c67273a67"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GyUws2PPegcLamSgQ1%2FCCed1wvz3L8cd3cSJe5YWUcUjFN9WvMAvAxATRJDxPIKPJYnP1YexLmmDgIo%2BfAgQvsgEhD8E4yoB3kOVolr9%2Bz1q1NVEOP5CR3YThuhmAb4stKSc2%2B0%2BEw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H/1.1 200
OK e4762f9b24d98cd34d2eff6f8ae3dfa0.js Show response
clearancejoinjavelin.com/e4/76/2f/ 73 KB
29 KB 410ms
137ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

043fea53a2ede7d35f0c094657f0917cce7efb1222f31190a8f74a3088bbac3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:30 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: ded93f580a561e7e9c43e94e28109007
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css
tomsguideax.pages.dev/assets/css/ 15 KB
5 KB 103ms
102ms Stylesheet
text/css 172.66.44.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomsguideax.pages.dev/assets/css/stylesheet.bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20.css

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Origin: https://tomsguideax.pages.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f108b214fb6120365bec7dd12fdc643d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Asper9w4AK4KJdl%2FK6YYAAXSaO5tlCk1RqGFVblKNbVhgOp%2BUzD5XkechmFDQypHc7c5fqW%2FkTpIl9FsxEANH%2B%2Fy9FOmwlg9iateulfB0QQqRVkDyHlpVTIo6QBSjyHroMH1IMJ4AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840fa708fb77bb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 highlight.f413e19d0714851f6474e7ee9632408e58ac146fbdbe62747134bea2fa3415e0.js Show response
tomsguideax.pages.dev/assets/js/ 99 KB
34 KB 105ms
105ms Script
application/javascript 172.66.44.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tomsguideax.pages.dev/assets/js/highlight.f413e19d0714851f6474e7ee9632408e58ac146fbdbe62747134bea2fa3415e0.js

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f413e19d0714851f6474e7ee9632408e58ac146fbdbe62747134bea2fa3415e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Origin: https://tomsguideax.pages.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"dda7edef669c7759f6319eb141ff1406"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wnpwpb%2BH0vnfbus2UTpBv78c6%2BdAWvNFZrWqXWWfnCGR3fngaw%2Fvu%2BoY4pEvu2QJymZ1jwcK0NF3dCjURr%2FUaCZiZYaMN5yxjpqYyGisEK724%2BQ3sNEjURsC167ULg%2FX%2FTbXmazEdsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840fa70c2e8fbb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 404 apple-touch-icon.png
tomsguideax.pages.dev/ 7 KB
7 KB 105ms
105ms Image
text/html 172.66.44.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tomsguideax.pages.dev/apple-touch-icon.png

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33c2e731596c08ea0f1caffc07ec173da7eda1da6c08066e3dd4649ba9c3508e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:30 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cM2Zvxya%2BVsG3MzdftzdAmpLDA6ka6XriZERE1Z2U%2FuIvZQe6Rnpxri4RLRlC5Pjthjn9V%2BVGiluSXZUp4n5GOpput9JYL5cQcAIDu5wKMOiAep14kkF86PX2PiMfLaa4w5eg8Gzwkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 840fa7091b9ebb13-MXP
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK 6e2dfcd302096687d74df82cf0da4496.js Show response
clearancejoinjavelin.com/6e/2d/fc/ 42 KB
16 KB 458ms
168ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

d66a3e47e439f12d6bed2bba5c75d8b47dd8b48ff380ad66829e07a191549586

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:30 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: c59478d1ca7ac44ef23b0151417f4011
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sfp.js Show response
friendshipmale.com/ 83 KB
27 KB 573ms
161ms Script
application/javascript 172.64.173.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://friendshipmale.com/sfp.js

Requested by

Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.173.31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:31 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: 454b1a3bd3c4d5a9fbfeeb7c285338f7
last-modified: Fri, 05 Jan 2024 23:55:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnkOM765NDvjUhxFKilqZMJ7dHJRwkVyr356iTvVvBmie8MTka%2BLYFXY54SrdL7cXSqU7Gx2ac7q02V5AOI3%2BZARbbfTDIQ5wfNMVr6zb88w5V4xvriZi%2BcGmrVr2Hj%2BkHwmJDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 840fa70ecdf630c0-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
304 B 188ms
35ms XHR
text/html 3.124.14.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.14.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-14-40.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 40dc15cbb8195154ea9ae021544975902b1679e5cd00b9a252e83c8d0a38bba1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://tomsguideax.pages.dev
date: Fri, 05 Jan 2024 23:55:30 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK purst
harmglitchorder.com/pixel/ 0
469 B 430ms
127ms Image
text/plain 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harmglitchorder.com/pixel/purst?dl=0&th=0&sc=0&rs=1091.0999999046326&rd=1091.0999999046326&fd=506.69999980926514&bv=23.12.v.10&tmpl=70
Requested by: Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:30 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 wxcm7ehqpbyqgslp-16147956194019-100-80.jpg
mos.fie.futurecdn.net/logos/merchants/ 2 KB
2 KB 194ms
53ms Image
image/jpeg 18.173.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mos.fie.futurecdn.net/logos/merchants/wxcm7ehqpbyqgslp-16147956194019-100-80.jpg

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-29.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

7333163f8d44aacc9d622a45276fc2cbb50233fcd645bb141c7fc68ead051555

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 19:39:23 GMT
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MUC50-P4
age: 879365
x-cache: Hit from cloudfront
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: s3-futureplc-engineering-accessors, mos
alt-svc: h3=":443"; ma=86400
content-length: 1569
x-ftr-balancer: cleversafe-proxy-2, bulkproxyprodred
x-ftr-request-id: 00000000:804F_00000000:0050_65639EE5_BAEB08C:33ED, 00000000:AC78_00000000:0050_65639EE4_C1AF41:0908
last-modified: Wed, 03 Mar 2021 18:20:19 GMT
server: nginx
etag: "0d24c83b0d066a633b70343c7c495667"
vary: Accept-Encoding
content-type: image/jpeg
x-ftr-backend-server: cs-acc-s3-futureplc-engineering-1.corp, mos03
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: CZxdSYk9_WCp6qys9Ujk6Q1uwo5ap5QLcueZgljjIKuVURUZ4EraRw==
access-control-allow-method: GET,OPTIONS
expires: Thu, 25 Jan 2024 19:39:23 GMT

GET
H2 200 4jux2ksyaejjbfha-15470429625709-100-80.png
mos.fie.futurecdn.net/logos/networks/ 2 KB
3 KB 203ms
61ms Image
image/png 18.173.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mos.fie.futurecdn.net/logos/networks/4jux2ksyaejjbfha-15470429625709-100-80.png

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-29.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

7cae8bac9f678b64c4c3d4955e729cc6e7fb75ca5b9cc1b4796e46913792a593

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 08:30:54 GMT
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MUC50-P4
age: 746677
x-cache: Hit from cloudfront
x-ftr-dc: uk-lon1
x-ftr-realm: pip
x-ftr-backend: s3-futureplc-engineering-accessors, mos
alt-svc: h3=":443"; ma=86400
content-length: 1996
x-ftr-balancer: cleversafe-proxy-1, bulk-proxy-1
x-ftr-request-id: 00000000:DDE4_00000000:0050_6565A51A_1309B9FA:12C9C, 00000000:89C2_00000000:0050_6565A51A_DE1FB3:1992A
last-modified: Wed, 09 Jan 2019 14:09:23 GMT
server: nginx
etag: W/"38db8fad9d3107955bbcac98e2e88f5e"
vary: Accept-Encoding
content-type: image/png
x-ftr-backend-server: cs-acc-s3-futureplc-engineering-3.corp, mos05
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: wEBf7fhmH6wt7h8ruWEczCSPPWm3cyoCcMyGFuGxup5TNqgl2RknVA==
access-control-allow-method: GET,OPTIONS
expires: Sat, 27 Jan 2024 08:30:54 GMT

GET
H2 200 x4mavtpdopla3hjg-15735685231975-100-80.png
mos.fie.futurecdn.net/logos/networks/ 6 KB
6 KB 188ms
52ms Image
image/png 18.173.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mos.fie.futurecdn.net/logos/networks/x4mavtpdopla3hjg-15735685231975-100-80.png

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-29.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

db7b9448a2c535230aa677bd472eeac811b4ded4fd51b978dc19fa4ef2c5c2c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:12:29 GMT
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MUC50-P4
age: 1579378
x-cache: Hit from cloudfront
x-ftr-dc: uk-lon1
x-ftr-realm: pip
x-ftr-backend: s3-futureplc-engineering-accessors, mos
alt-svc: h3=":443"; ma=86400
content-length: 5750
x-ftr-balancer: cleversafe-proxy-1, bulk-proxy-1
x-ftr-request-id: 00000000:96F0_00000000:0050_65807D7F_32D72D0:78BB, 00000000:5060_00000000:0050_65807D7F_20E14DD:11529
last-modified: Tue, 12 Nov 2019 14:22:04 GMT
server: nginx
etag: "8fe0b7fcafa3b3c7c6f4e216677925e4"
content-type: image/png
x-ftr-backend-server: cs-acc-s3-futureplc-engineering-2.corp, mos03
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: rlQnIJO9yk093hIvv4Or8Gwm01XWiTjNSHyj3PYzuYlI9gS5alnnGA==
access-control-allow-method: GET,OPTIONS
expires: Wed, 17 Jan 2024 17:12:29 GMT

GET
H2 200 i2sugv8sipbctrqt-15470432987395-100-80.png
mos.fie.futurecdn.net/logos/networks/ 2 KB
3 KB 200ms
64ms Image
image/png 18.173.187.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mos.fie.futurecdn.net/logos/networks/i2sugv8sipbctrqt-15470432987395-100-80.png

Requested by

Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-29.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

04a8e9e7155d989eb4bdaaa902fc5f984b39c75f5b4ab6e4a3e76cb0823cb8e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 03:48:17 GMT
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: MUC50-P4
age: 1454829
x-cache: Hit from cloudfront
x-ftr-dc: uk-lon2
x-ftr-realm: pip
x-ftr-backend: s3-futureplc-engineering-accessors, mos
alt-svc: h3=":443"; ma=86400
content-length: 2403
x-ftr-balancer: cleversafe-proxy-2, bulkproxyprodred
x-ftr-request-id: 00000000:AA65_00000000:0050_65826405_36B1512:17F50, 00000000:7A82_00000000:0050_65826405_2ED81C:53A5
last-modified: Wed, 09 Jan 2019 14:14:59 GMT
server: nginx
etag: "d29da5c09f5efb68cd6d3f9320b8270b"
content-type: image/png
x-ftr-backend-server: cs-acc-s3-futureplc-engineering-5.corp, mos03
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: nqYk7sd9logci2HBoC5pPcdQXqDV_YT4DKgJ4hz8Mq3sP6oN_QsXxQ==
access-control-allow-method: GET,OPTIONS
expires: Fri, 19 Jan 2024 03:48:17 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
303 B 144ms
36ms XHR
text/html 3.124.14.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.14.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-14-40.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 43e69e1c16c8efc172697db5d94b681a66c113b0e197888b175bf2ff1e98270a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://tomsguideax.pages.dev
date: Fri, 05 Jan 2024 23:55:30 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 494ms
61ms Script
text/javascript 104.20.80.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: tomsguideax.pages.dev
URL: https://tomsguideax.pages.dev/posts/netflix-and-the-cw-just-canceled-three-shows-and-people-are-upset/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 59317
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 840fa70f29060e8d-MXP
content-length: 4547

GET
H2 200 advertisers.js Show response
banquetunarmedgrater.com/ 0
559 B 603ms
172ms Script
application/javascript 104.21.86.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://banquetunarmedgrater.com/advertisers.js

Requested by

Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/e4/76/2f/e4762f9b24d98cd34d2eff6f8ae3dfa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.86.121 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:31 GMT
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-request-id: 2eed477fdaf47aebbe49bdc0fb6e5a05
last-modified: Fri, 05 Jan 2024 23:55:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf8qDaTSLdQ9naA%2Fm4uhNaJMSvb5LpUk3ZWRc2FF9o536RARyJtAVtNXZ%2Bb0tZE%2B814H%2BXDKDeJqa8HQuwdGUnzc9t6xdXyLJMHJSYAIYJn1cdgUiZY%2FAkDvT7nkF%2B6WzxvymWrryD7Tdak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 840fa7113dc50d55-MXP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbar.json Show response
indecentcurvelawsuit.com/ 6 KB
5 KB 505ms
208ms XHR
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://indecentcurvelawsuit.com/sbar.json?key=6e2dfcd302096687d74df82cf0da4496&uuid=32b6ad62-7402-4540-b67f-af0804181ee5%3A1%3A1

Requested by

Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

03dfe6b7da1ae5521d9cfa41c96b35f2620c3f7c41cba2acfa7314813b3c1d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:31 GMT
Custom-Referer: https://tomsguideax.pages.dev
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://tomsguideax.pages.dev
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Request-ID: 4a200f0aa94645b7df167e059b00a549
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 435ms
130ms Script
text/html 54.39.156.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4595848&@f16&@g1&@h1&@i1&@j1704498931126&@k0&@l1&@mNetflix%20And%20The%20Cw%20Just%20Canceled%20Three%20Shows%20And%20People%20Are%20Upset%20%7C%20tomsguide&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:197557188&@b3:1704498931&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Ftomsguideax.pages.dev%2Fposts%2Fnetflix-and-the-cw-just-canceled-three-shows-and-people-are-upset%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns562579.ip-54-39-156.net
Software: /
Resource Hash: d5eb4c04b2dd5e2f150a27b23853dcf93c117899ec93805fe764bfb90bb5d4aa

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:31 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 index.html Show response
cdn.yourwebbars.com/sb/notifications/addon/addon/extension/wind/1/ 4 KB
2 KB 1192ms
587ms XHR
text/html 104.26.7.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yourwebbars.com/sb/notifications/addon/addon/extension/wind/1/index.html
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8cbac53f0c50a78bd75c22d4ae46bd687c312f8d1d138b9cf5f1cdb4337018

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Nov 2023 13:09:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHRL0eFx7EcqpjYD2O%2B8zDRmg2QIkh2Y%2FkUMurnC1Fr5mawNZZef%2Bvf3OGewjYCWZMGQ41tuhPHbiDRCvkJT2jqBhRHRzuxVZVIE8P9cV1a75AlFi0xlk%2FfJJVY%2BhMMda9fYEYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa7169afd374e-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ren.gif
indecentcurvelawsuit.com/ 7 B
641 B 132ms
132ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://indecentcurvelawsuit.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSzYscxRuu3oRfIPwQ9KDkIPTBQwLZ2e6enp4ZooZ8mLgm0ZCs7Lmqq3q23Oqupqp6erOnYFByHC8xx95nkix%2BBPTgTVFmPSgLHsZDWIX9GwTPgszuwIAvFO%2F7Pk9V8T5P1ac71SEJUdEDd0tvS6XoSqcV%2BGfXZcF1bf331%2FwwaAUX%2FHVZJPEFfyuJz%2FmXylKJdcFuSLfSaXdb7cQ%2Fe%2BPdtVs3z%2FtKbgr%2Fukg39Tn%2FyobRuVgJo6AVtJKg32%2BFUd%2B%2FSzNq5PwcZPk87HVaYb%2FXSqJWFGLL%2FAewlQdLPfDhIXkFkk%2F%2F%2F6v%2FC2Q6QZF%2Fc1XYTafL8%2B%2FklaJOGwz57ofFZqHrAvmizIyHrNid74a2U0IeL0EXu3Od0MMnM51gckq8f94GK54djw82HIdRAKYgHRh%2FDfVwAqEmkHSCVD%2BA5Aopx%2BoaivzpqqPq3jFFZ9SU%2FO%2Fz7yHrKTn1yWMU%2BfPrSjOq%2FDu6csJgK2sgtyaQgwnKag9u24Os95C6jyH5byRQF2a33pKKFpD84I12xBLKk2i5GwfRctyJg2WWdLNlmgW9IA57oRCdI3OknEBmEygxArUeqtmSHqpsCVW5hJwf%2BCLhPZrxkPW6KWM8DKMsTMMsEWm%2FTVkYoEpnGkZw5QipGiE191Ga%2B9iUI5jqJ9iNBpZ7sI5gyBvUgqC2BDUlqCVB7QjqYfOUKxvZ5hlXtmLhPEfz3G7G2g126FPtBqIgoGa0Ux6Sl2fmea%2BuvIlNceAnIuJZyttBFPSTpNfl3ZhnvSjNAk7juJ%2FAygbSLh1J3ZZTcmb1JEo5JUuP7oLRPVi1h1SeAK1eB63H3SgA3RjHvQDbxXdOl06W0raY0gNbatdKdQ6uG5TuJNw9b0cdkjNHr%2FmejiDSfTIPpKZBaRp8JH8mGKiH4zu6Jk%2Fu6NqSbz8onczlNnVSF3cddcL78oa4V2vDV6%2Fa0ReX0hkxK79eE9bdpAWXxcCSry5LzoW5pk0qyA%2Brdl2w25XduFyZoipv3r5ybTUvjbBW6mICKqeEHP6JVE7JS4NTR%2F%2F3XPEHpJnAVA3yajGr1HtIy%2Fuw5QKzmsCoRc9KD3XVjE3EFqCSBEosesoaWLF%2F8cXpt8rxi9NgYv%2FHv465HfsQA%2BOBugco8gZD02CoGlA1gq1OjF1p9i%2F%2B3j4KMOWNmTLeE6aM%2BuzYXCsP%2FIzyLI5op9MVrBvwqBtGUcyoSHjSCYJ%2BF85OxeNHf%2F8LAAD%2F%2FwEAAP%2F%2F9bo2Eb0EAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:31 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: 4e6919f5c25f3d025ab2996dc49352cd
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 624ms
127ms Image
image/gif 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=32b6ad62-7402-4540-b67f-af0804181ee5&eb=33f93ff28a290334f62b93270ee6d095&te=713b63649efa506845fb3bc23d2c8693&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=e4762f9b24d98cd34d2eff6f8ae3dfa0&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:32 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 7aefbc1f5a75dbf1d57c04c445360270
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 631ms
134ms Image
image/gif 173.233.137.52
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=32b6ad62-7402-4540-b67f-af0804181ee5&eb=33f93ff28a290334f62b93270ee6d095&te=713b63649efa506845fb3bc23d2c8693&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=6e2dfcd302096687d74df82cf0da4496&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:32 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 791c0bbc64459343f4acd160ed401e21
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 animate.css Show response
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/css/ 77 KB
5 KB 715ms
294ms XHR
text/css 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/css/animate.css
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 13:09:26 GMT
server: cloudflare
etag: W/"6544f106-13591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbjZ11hMORa5a9P6nFGIx6uggGwOqDWdd%2FD6bSMMlerBx2394NIkEZtQNAwzIqRdSUBuS2HJIVN4kqXnDRU2x9eRxXpJxa%2F58C%2FK5WRBqhuTN3e%2BMJOtHxaumRmla29jl9Svt6ixF%2B67"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71d1c9e3ca1-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css Show response
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/css/ 3 KB
1 KB 709ms
287ms XHR
text/css 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/css/main.css
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81680cd9f10c99a909b5b71b8afaa76195a4129f084e8156ece665c13c6b5421

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 13:09:26 GMT
server: cloudflare
etag: W/"6544f106-b83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkrVanCqRew4UeCOCLKkvOW2gnVgKo%2F1tTEUEfr5B11ylekqJQ0%2F43Gwrl4kYvkOtIE7ZWGTfpiVdGy12raaaoVVtmRouZB%2FLXsls2Mu6r4VwJohIc2pPEJfOz7BzosldQy7J3M1N9ql"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71d1ca03ca1-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/js/ 23 KB
9 KB 815ms
395ms XHR
application/javascript 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/js/script.js
Requested by: Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a391b8a3ddf3fc1f0f9e7cff59e37313c84f4e8156d101a091ab131f4cc6633

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 12:02:52 GMT
server: cloudflare
etag: W/"657aeeec-5a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90QGCg8uCRJm5vXwdLT7iMIEXMrZmNs2kDlYqd1tKn0WweiG2DM3ZvrL75dGZ%2Bj0sdjYrhJC11EmRupRGRaa0rfkuxEs7wP1rsB4Q2i82hIMMaZFoojOagk8CmYWvuwZL%2FLqeBHhtkLh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71d1c9d3ca1-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
indecentcurvelawsuit.com/pixel/ 0
469 B 148ms
148ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indecentcurvelawsuit.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Faddon%2Faddon%2Fextension%2Fwind%2F1%2Findex.html&l=4370&fd=1193.3000001907349
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:32 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 414C 15 KB
1 KB 469ms
47ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: clearancejoinjavelin.com
URL: https://clearancejoinjavelin.com/6e/2d/fc/6e2dfcd302096687d74df82cf0da4496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

2b0e499fab2cb58721f9b00dd921736ad8173df46f3297d92465cab70f29743d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 23:14:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 23:55:33 GMT

GET
H2 200 close.svg
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/ Frame 414C 1 KB
868 B 555ms
107ms Image
image/svg+xml 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361583
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 13:09:28 GMT
server: cloudflare
etag: W/"6544f108-4ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgRvaFgvpdXQfJyKBNCAF5ZlBgnXnrgVY0ZGxiMhGL%2FUVDSdZXWkTOKp20WUuhy75Prcp4tq335kVKgJJJ0fNoRfiS3Cn6gPJIVe0WjxHFFMmMD6XW6%2FPQAheyyveEUjHw1GvuXjd1ry"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71dfb406d71-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-before.svg
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/ Frame 414C 8 KB
3 KB 554ms
106ms Image
image/svg+xml 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/icon-before.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d77102e66068cf1ee07cdbd7158669db57408fe38645cd5401b48d3910456264

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361583
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 13:09:28 GMT
server: cloudflare
etag: W/"6544f108-1f07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZMqNjf%2FZf8b4S5WdVXPCttFYlfMXgmXeukc0HQd7dAhGwcdCNP3FpIGoDmPvDrot1QqAeEefG57Ab1qRhaTDC6%2FR0df1q4PH1kQZefe%2FkB62LiPbrYd7QZ7ATmE3ztRA3wY93vS1E3J"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71dfb436d71-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon-after.svg
cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/ Frame 414C 7 KB
3 KB 534ms
86ms Image
image/svg+xml 172.64.205.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/notifications/addon/addon/extension/wind/1/img/icon-after.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.205.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c41949abe3583b1c2ca04470c52a298b8d017136b953036d39195ef9a181d3

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 23:55:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361583
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 13:09:28 GMT
server: cloudflare
etag: W/"6544f108-1c01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2ptzDMFW%2BiuNEua8%2F3IcnubXYys3d9E1PPnp4Drebkb7Vezu%2FYwAUVpnHo7%2F5wzm9IHqbMMsQ4t0NvKoQrfTxBqJ2TqfKNbp7mNzppw9pzhJ5oPCb%2FKAc55tn5BVrKGjFdT3teOi9TB"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 840fa71dfb426d71-MUC
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sbls
indecentcurvelawsuit.com/pixel/ 0
469 B 127ms
126ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indecentcurvelawsuit.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Faddon%2Faddon%2Fextension%2Fwind%2F1%2Fcss%2Fmain.css&l=2947&fd=709.6999998092651
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:33 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
indecentcurvelawsuit.com/pixel/ 0
469 B 240ms
127ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indecentcurvelawsuit.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Faddon%2Faddon%2Fextension%2Fwind%2F1%2Fcss%2Fanimate.css&l=79249&fd=722.0999999046326
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:33 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbls
indecentcurvelawsuit.com/pixel/ 0
469 B 273ms
127ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indecentcurvelawsuit.com/pixel/sbls?bv=23.51.2179&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Faddon%2Faddon%2Fextension%2Fwind%2F1%2Fjs%2Fscript.js&l=16987&fd=817.1000003814697
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:33 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
indecentcurvelawsuit.com/ 7 B
641 B 127ms
126ms Image
image/gif 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://indecentcurvelawsuit.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSzYscxRuu3oRfIPwQ9KDkIPTBQwLZ2e6emZ4ZooZ8mDgm0ZCs7Lmqq3q2nOqupqp6erOnYFByHC8xx95nkix%2BBPTgTVFmPSgLHsZDWIX9GwTPgszuwIAvFO%2F7Pk9V8T5P1ac75SEJUdIDd0tvS6XoWrsR%2BGc3ZM51Zf331%2F0waAQX%2FA2Zx60L%2FlbcOudfKgolNgS7Id1au9lpNGP%2F7I1312%2FdPO8rORT%2BdZEM9Tn%2FyqbRmVgLo6ARNOKg12uEUc%2B%2FS1Nq5OIcZPE87LYbYa%2FbiKNGFGLL%2FAewpQdLPfDRIXkFks%2F%2B%2F6v%2FC2QyRZ59c1XYodPF%2BXeyUlGnDUZ898N8mOsqR7YsU%2BMhzXcXu6HtjJDHK9D57kIn9OjJXCeYnBHvn7fB8mfH44ONJmEUgClIB8ZfQzWaQqgpJJ0i0Q8guULC0V9Hnj3tO6ruHVN0Ts3I%2Fz7%2FHrKakVOfPEaePb%2BuNKPKv6NLJwy20hpyawo5mKIo9%2BC2PchqD4n7GJL%2FRgJ1YX7rLaloDskP3mhGLKY8jlY7rSBabbVbwSqLO%2BkqTYNu0Aq7oRDtI3OknEKmUygxBrUeyvmSHsp0BWWxgowf%2BCLmXZrykHU7CWM8DKM0TMI0FkmvSVkYoEzmGsZwxRiJGiMx91GY%2BxjKMUz5E%2BxmDcs9WEcw4jUqQVBZgooSVJKgcgTVqH7KlY1s%2FYwrW7JwkaNFbtYT7QY79Kl2A5ETUDPeKQ7Jy3PzvFfX3sRQHPixiHia8GYQBb047nZ4p8XTbpSkAaetVi%2BGlTWkXTmSui1n5Ez%2FJAo5IyuP7oLRPVi1h0SeAC1fB60mnSgA3Zy0ugG28%2B%2BcLpwspG0wpQe20K6R6Axc1yjcSbh73o46JGeOXvM9HUEk%2B2QRSEyNwtT4SP5MMFAPJ3d0RZ7c0ZUl335QOJnJbeqkzu866oT35Q1xr9KG96%2Fa8ReXkjkxL79eF9bdpDmX%2BcCSry5LzoW5pk0iyA99uyHY7dJuXi5NXhY3b1%2B51s8KI6yVOp%2BCyhkhh38ikTPy0uDU0f89l%2F8BaaYwZY2sXM4q9R6S4j5sscSsJjBq2bPCQ1XWExOxJagkgRLLnrIaVuxffHH6rWLy4jSY2P%2Fxr2Nuxz7EwHig7gHyrMbI1BipGlSNYcsTE1eY%2FYu%2FN48CTHkTpoz3hCmjPjs218oDvx3HrNsOQkHb3RalIUs77aiXpk0WdpodnsDZmXj86O9%2FAQAA%2F%2F8BAAD%2F%2F3eZiba9BAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:33 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: d672f584e1a40f5cdd728f9c63afa9a6
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbs
indecentcurvelawsuit.com/pixel/ 0
469 B 211ms
122ms Image
text/plain 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://indecentcurvelawsuit.com/pixel/sbs?c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tomsguideax.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 23:55:33 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 414C 16 KB
16 KB 902ms
83ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tomsguideax.pages.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 368249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 414C 15 KB
16 KB 851ms
32ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tomsguideax.pages.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:57:14 GMT
x-content-type-options: nosniff
age: 82700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:57:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 414C 15 KB
16 KB 877ms
58ms Font
font/woff2 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tomsguideax.pages.dev
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 26173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clearancejoinjavelin.com/e4/76/2f	1970-01-20 17:49:54	Name: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-1671-layer Value: 0
proftrafficcounter.com/	1970-01-21 03:04:18	Name: uid_id2 Value: 32b6ad62-7402-4540-b67f-af0804181ee5:1:1
tomsguideax.pages.dev/	1970-01-20 17:38:23	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 32b6ad62-7402-4540-b67f-af0804181ee5%3A1%3A1
tomsguideax.pages.dev/	1970-01-20 17:28:26	Name: pp_main_e4762f9b24d98cd34d2eff6f8ae3dfa0 Value: 1
tomsguideax.pages.dev/	1970-01-20 17:28:26	Name: sb_main_6e2dfcd302096687d74df82cf0da4496 Value: 1
tomsguideax.pages.dev/	1970-01-20 17:28:26	Name: sb_count_6e2dfcd302096687d74df82cf0da4496 Value: 1
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstCfa4595848 Value: 1704498931126
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstCla4595848 Value: 1704498931126
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstCmu4595848 Value: 1704498931126
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstPn4595848 Value: 1
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstPt4595848 Value: 1
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstCnv4595848 Value: 1
tomsguideax.pages.dev/	1970-01-21 02:13:54	Name: HstCns4595848 Value: 1
indecentcurvelawsuit.com/	1970-01-20 17:29:45	Name: u_pl Value: 18231100
indecentcurvelawsuit.com/	1970-01-20 17:38:23	Name: uid_id2 Value: 32b6ad62-7402-4540-b67f-af0804181ee5:1:1
indecentcurvelawsuit.com/	1970-01-20 17:29:45	Name: pdhtkv Value: true
indecentcurvelawsuit.com/	1970-01-20 17:29:45	Name: uncs Value: 1
indecentcurvelawsuit.com/	1970-01-20 17:29:45	Name: pdhtkv29 Value: true
indecentcurvelawsuit.com/	1970-01-20 17:29:45	Name: uncs29 Value: 1
indecentcurvelawsuit.com/	1970-01-20 17:28:18	Name: slec6e2dfcd302096687d74df82cf0da4496 Value: [4878130]
tomsguideax.pages.dev/	1970-01-20 17:28:18	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: indecentcurvelawsuit.com

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tomsguideax.pages.dev/apple-touch-icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banquetunarmedgrater.com
cdn.creative-bars1.com
cdn.yourwebbars.com
clearancejoinjavelin.com
fonts.googleapis.com
fonts.gstatic.com
friendshipmale.com
harmglitchorder.com
indecentcurvelawsuit.com
mos.fie.futurecdn.net
proftrafficcounter.com
s10.histats.com
s4.histats.com
tomsguideax.pages.dev
unseenreport.com
104.20.80.99
104.21.86.121
104.26.7.19
142.250.186.138
172.217.16.195
172.64.173.31
172.64.205.8
172.66.44.84
173.233.137.52
18.173.187.29
192.243.59.13
192.243.61.225
3.124.14.40
54.39.156.32
03dfe6b7da1ae5521d9cfa41c96b35f2620c3f7c41cba2acfa7314813b3c1d8c
043fea53a2ede7d35f0c094657f0917cce7efb1222f31190a8f74a3088bbac3f
04a8e9e7155d989eb4bdaaa902fc5f984b39c75f5b4ab6e4a3e76cb0823cb8e4
2a391b8a3ddf3fc1f0f9e7cff59e37313c84f4e8156d101a091ab131f4cc6633
2b0e499fab2cb58721f9b00dd921736ad8173df46f3297d92465cab70f29743d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
33c2e731596c08ea0f1caffc07ec173da7eda1da6c08066e3dd4649ba9c3508e
40dc15cbb8195154ea9ae021544975902b1679e5cd00b9a252e83c8d0a38bba1
43e69e1c16c8efc172697db5d94b681a66c113b0e197888b175bf2ff1e98270a
64c41949abe3583b1c2ca04470c52a298b8d017136b953036d39195ef9a181d3
7333163f8d44aacc9d622a45276fc2cbb50233fcd645bb141c7fc68ead051555
7cae8bac9f678b64c4c3d4955e729cc6e7fb75ca5b9cc1b4796e46913792a593
81680cd9f10c99a909b5b71b8afaa76195a4129f084e8156ece665c13c6b5421
9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bc1149f4a72aa4858d3a9f71462f75e5884ffe8073ea9d6d5761d5663d651e20
d5eb4c04b2dd5e2f150a27b23853dcf93c117899ec93805fe764bfb90bb5d4aa
d66a3e47e439f12d6bed2bba5c75d8b47dd8b48ff380ad66829e07a191549586
d77102e66068cf1ee07cdbd7158669db57408fe38645cd5401b48d3910456264
db7b9448a2c535230aa677bd472eeac811b4ded4fd51b978dc19fa4ef2c5c2c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55a32bc5487a9569a73606fc933285ba410bae625891d42469d3f3fef740f6a
f413e19d0714851f6474e7ee9632408e58ac146fbdbe62747134bea2fa3415e0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb8cbac53f0c50a78bd75c22d4ae46bd687c312f8d1d138b9cf5f1cdb4337018

tomsguideax.pages.dev Open in urlscan Pro 172.66.44.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

38 Requests

100 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

14 IPs

4 Countries

229 kBTransfer

572 kBSize

21 Cookies

7 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tomsguideax.pages.dev Open in urlscan Pro
172.66.44.84 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

229 kB
Transfer

572 kB
Size

21
Cookies

38 HTTP transactions
0 data transactions