Submitted URL: http://www.dofaq.co/
Effective URL: https://www.dofaq.co/
Submission: On January 19 via manual from US — Scanned from DE

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 61 HTTP transactions. The main IP is 1.171.202.8, located in Banqiao, Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is www.dofaq.co.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time www.dofaq.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
--- | --- | --- | ---
25 | dofaq.co | www.dofaq.co | 2 MB
6 | tharbadir.com | tharbadir.com | 149 KB
5 | interstitial-08.com | interstitial-08.com — Cisco Umbrella Rank: 176953 | 158 KB
5 | infolinks.com | resources.infolinks.com — Cisco Umbrella Rank: 6494; router.infolinks.com — Cisco Umbrella Rank: 3004 | 61 KB
4 | littlecdn.com | littlecdn.com — Cisco Umbrella Rank: 16957 | 35 KB
4 | propellerclick.com | native.propellerclick.com — Cisco Umbrella Rank: 977096 |
2 | google.de | www.google.de — Cisco Umbrella Rank: 6518 | 515 B
2 | google.com | www.google.com — Cisco Umbrella Rank: 2; region1.analytics.google.com — Cisco Umbrella Rank: 2616 | 660 B
2 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 79 | 394 B
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 21 KB
2 | gstatic.com | fonts.gstatic.com | 81 KB
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 83 KB
1 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11663 | 542 B
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 2 KB
61 | 14 | |

Requests | Domain | Requested by
--- | --- | ---
25 | www.dofaq.co (1 redirects) | www.dofaq.co
6 | tharbadir.com | www.dofaq.co, tharbadir.com
5 | interstitial-08.com | tharbadir.com, interstitial-08.com
4 | littlecdn.com | interstitial-08.com
4 | native.propellerclick.com | www.dofaq.co
3 | router.infolinks.com | resources.infolinks.com
2 | www.google.de | www.dofaq.co
2 | stats.g.doubleclick.net | www.google-analytics.com, www.googletagmanager.com
2 | www.google-analytics.com | www.dofaq.co, www.google-analytics.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | resources.infolinks.com | www.dofaq.co
1 | region1.analytics.google.com | www.googletagmanager.com
1 | www.google.com | www.dofaq.co
1 | www.googletagmanager.com | www.google-analytics.com
1 | my.rtmark.net | tharbadir.com
1 | fonts.googleapis.com | www.dofaq.co
61 | 16 |

This site contains links to these domains.

Domain
dolohen.com
twitter.com
www.facebook.com
plus.google.com
www.linkedin.com

Subject | Issuer | Validity | Valid
--- | --- | --- | ---
www.dofaq.co | R3 | 2024-01-06 - 2024-04-05 | 3 months
tharbadir.com | R3 | 2023-12-08 - 2024-03-07 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-15 - 2024-05-14 | a year
propellerclick.com | R3 | 2023-12-22 - 2024-03-21 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
rtmark.net | R3 | 2023-12-23 - 2024-03-22 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
www.google.de | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months
interstitial-08.com | R3 | 2024-01-01 - 2024-03-31 | 3 months

This page contains 3 frames:

Primary Page: https://www.dofaq.co/
Frame ID: 92AE10B5DDA3032F8B7CAAC3A29F2555
Requests: 51 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3088588&wsid=0&pdom=www.dofaq.co&purl=https%3A%2F%2Fwww.dofaq.co%2F
Frame ID: B1E9C449681B4AE92991EB8F9F8E437B
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 8885474FEAE7F52194344F8A3BF19272
Requests: 10 HTTP requests in this frame

Page Title

dofaq.co - most frequently asked questions

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 61
HTTPS: 100 %
IPv6: 60 %
Domains: 14
Subdomains: 16
IPs: 16
Countries: 5
Transfer: 2755 kB
Size: 3601 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dofaq.co/ HTTP 308
    https://www.dofaq.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.dofaq.co/
Redirect Chain
  • http://www.dofaq.co/
  • https://www.dofaq.co/
32 KB
7 KB
Document
General
Full URL
https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy / PHP/8.2.4
Resource Hash
d0760cfa061160b791a4ccb76c37366b4fc17c78950ba35febdf5d3983e27590

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 04:22:37 GMT
server
Caddy
vary
Accept-Encoding
x-powered-by
PHP/8.2.4

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 19 Jan 2024 04:22:36 GMT
Location
https://www.dofaq.co/
Server
Caddy
main.css
www.dofaq.co/assets/css/
69 KB
10 KB
Stylesheet
General
Full URL
https://www.dofaq.co/assets/css/main.css
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
9a8424d8471121906631551243b53d7f56affb06386d2727ea514e109d041e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 26 Jan 2019 21:18:11 GMT
server
Caddy
etag
"plyj6b1ivi"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
alt-svc
h3=":443"; ma=2592000
2
tharbadir.com/
42 KB
16 KB
Script
General
Full URL
https://tharbadir.com/2?z=2373259
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a399fc7909f16134952202ca1bafc360d6eba710ddcc797c4b298f1e512253e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
c3256e8e820d8bfd79a7c16e1198c9fb
pragma
no-cache
date
Fri, 19 Jan 2024 04:22:39 GMT
content-encoding
gzip
x-sc
EHNphdcYc6UgoHPjdpl5f-Iarv3tFnDemMimO4JrvsBOsvejMtGHhWmlawYurb3r27YhO4hEfEp-0jp57Fnc-wYJtnA=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
infolinks_main.js
resources.infolinks.com/js/
4 KB
3 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b359c27faf1b78ade2b11082fa5d25b090984eac3266133e9b28ead5c5f9516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:39 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Jan 2024 12:14:51 GMT
server
cloudflare
age
450
etag
W/"1099-60f374f7d575a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
847c4c413cf703a6-FRA
expires
Fri, 19 Jan 2024 05:15:09 GMT
img2
www.dofaq.co/img/
121 KB
122 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Fscott-peterson-case-los-angeles-innocence-project-takes-case-man-convi-rcna134567
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
c7139d35df4892e230e00da0854b61aebe319e8292015ea50a835d994591f90e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:38 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
124364
expires
Mon, 29 Jan 2024 04:22:38 GMT
1
native.propellerclick.com/
0
0
Script
General
Full URL
https://native.propellerclick.com/1?z=2373354&eid=
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
aa270713f14a7ae9eebdce0db4405d0f
date
Fri, 19 Jan 2024 04:22:39 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
img2
www.dofaq.co/img/
5 KB
5 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.justice.gov%2Fopa%2Fpr%2Fjustice-department-releases-report-its-critical-incident-review-response-mass-shooting-robb
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
0430212c94419456bb8ca4bcada4a3859cbffb6da747af4f3976b89192ad4a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
5297
expires
Mon, 29 Jan 2024 04:22:40 GMT
img2
www.dofaq.co/img/
128 KB
128 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.crainsgrandrapids.com%2Fnews%2Fnonprofits-philanthropy%2Fkalamazoo-billionaire-donates-100m-to-black-womens-college-in-atlanta%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
d79a6ca4378cc5aa418c99f37dc955a3136a4f9b527befca52f799e10ca45322

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:39 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
130746
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
143 KB
143 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Fselena-gomez-david-henrie-wizards-of-waverly-place-reboot%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
9a20a3c7117d229784b085923d73133b86004ab03ed025526b012d0b9bf61355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
146052
expires
Mon, 29 Jan 2024 04:22:40 GMT
img2
www.dofaq.co/img/
158 KB
158 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fworld%2Fus-bound-plane-returns-tokyo-man-bites-flight-attendant-rcna134442
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
10237632b27634de747e702462f742906be72a5f7d846acfbd78905f30e03a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:38 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
161403
expires
Mon, 29 Jan 2024 04:22:38 GMT
img2
www.dofaq.co/img/
54 KB
54 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.blazersedge.com%2F2024%2F1%2F18%2F24043585%2Fdeadspin-slams-deandre-ayton-portland-trail-blazers-joe-cronin-chauncey-billups
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
a8c59da0edc47bcd13de03d141f1d6860da28ebadf7ffa4498f3b92adfe26b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
55231
expires
Mon, 29 Jan 2024 04:22:40 GMT
1
native.propellerclick.com/
0
0
Script
General
Full URL
https://native.propellerclick.com/1?z=2373357&eid=
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
2280e6d198a248242fdfa47a84c628ce
date
Fri, 19 Jan 2024 04:22:39 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
img2
www.dofaq.co/img/
45 B
45 B
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fen.as.com%2Fsoccer%2Fatletico-madrid-real-madrid-live-online-score-stats-updates-copa-del-rey-round-of-16-n%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:39 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
application/octet-stream
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
45
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
604 KB
605 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Falaskapublic.org%2F2024%2F01%2F18%2Fhow-a-supreme-court-case-about-herring-fishermen-could-upend-federal-regulation-on-land-and-sea%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
ecd1267ef827b2e3e4f96c9a97836da3c89ff9bd371d73a7318f762928bb3eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
618540
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
45 B
45 B
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fen.as.com%2Fsoccer%2Funionistas-barcelona-live-online-score-stats-and-updates-copa-del-rey-round-of-16-n%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
application/octet-stream
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
45
expires
Mon, 29 Jan 2024 04:22:40 GMT
img2
www.dofaq.co/img/
136 KB
136 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fsports%2Fthunders-josh-giddey-wont-face-charges-allegations-inappropriate-relat-rcna134458
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
2867c0129473d18e57ff7d782ae6311f9f64450233d14d02cef2a76ae2b3bee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:39 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
139262
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
115 KB
115 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fkslsports.com%2F510028%2Freport-lakers-monitoring-sexton-trade%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
fd1b763795817d69798c100dd379621363e95228cb6061e343788bebd202aede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
117992
expires
Mon, 29 Jan 2024 04:22:40 GMT
1
native.propellerclick.com/
0
0
Script
General
Full URL
https://native.propellerclick.com/1?z=2373360&eid=
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
7b57162009204ef79b03fc45b7d04daf
date
Fri, 19 Jan 2024 04:22:39 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
img2
www.dofaq.co/img/
69 KB
69 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.foxla.com%2Fnews%2Fkanye-west-teeth-titanium-dentures-jaws-james-bond
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
6cf901373322888293c98c2393be1c20d38a88515810d9b28b35a476c0f2e67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
70277
expires
Mon, 29 Jan 2024 04:22:40 GMT
img2
www.dofaq.co/img/
140 KB
141 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.nbcsports.com%2Folympics%2Fnews%2Figa-swiatek-danielle-collins-australian-open
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
3674fc29afc050c09980342f8360ae30abca5afe0603f9c393925d9e21ed4ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
143826
expires
Mon, 29 Jan 2024 04:22:40 GMT
img2
www.dofaq.co/img/
114 KB
115 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.espn.com%2Fnba%2Fstory%2F_%2Fid%2F39331271%2Fbucks-giannis-antetokounmpo-vs-cavaliers-bruised-shoulder
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
627ee1f487924e88306ee6383c2a23b4193fb2e56848f10251ece511988ef610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:39 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
117175
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
115 KB
115 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.nbc.com%2Fnbc-insider%2Fmaggie-lockwood-marriage-may-soon-be-over-chicago-med
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
fd1b763795817d69798c100dd379621363e95228cb6061e343788bebd202aede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:39 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
117992
expires
Mon, 29 Jan 2024 04:22:39 GMT
img2
www.dofaq.co/img/
123 KB
123 KB
Image
General
Full URL
https://www.dofaq.co/img/img2?https%3A%2F%2Fwww.cbsnews.com%2Fnews%2Farnold-schwarzenegger-detained-munich-airport-luxury-watch%2F
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy, Caddy / PHP/7.4.29
Resource Hash
52b17b344c5939565f70d476104fe112a0969eaa211b604ca45d4ec7e9bd2033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Caddy, Caddy
x-powered-by
PHP/7.4.29
content-type
image/jpeg
cache-control
max-age=864000
alt-svc
h3=":443"; ma=2592000
content-length
125680
expires
Mon, 29 Jan 2024 04:22:40 GMT
1
native.propellerclick.com/
0
0
Script
General
Full URL
https://native.propellerclick.com/1?z=2373363&eid=
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
e49a7bfb3bae924b6a4bdd5e552ae060
date
Fri, 19 Jan 2024 04:22:39 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
7
jquery.min.js
www.dofaq.co/assets/js/
94 KB
34 KB
Script
General
Full URL
https://www.dofaq.co/assets/js/jquery.min.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7v221h"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
skel.min.js
www.dofaq.co/assets/js/
9 KB
3 KB
Script
General
Full URL
https://www.dofaq.co/assets/js/skel.min.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
ddef8dbceabe0ffc9e272d6aad6a5890452be9294e08be661e97369d97d7ef81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7v70d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
content-length
3253
util.js
www.dofaq.co/assets/js/
12 KB
3 KB
Script
General
Full URL
https://www.dofaq.co/assets/js/util.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7v9ld"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
content-length
3409
main.js
www.dofaq.co/assets/js/
6 KB
2 KB
Script
General
Full URL
https://www.dofaq.co/assets/js/main.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
ec71ee626e75ef6edaf52516cfc43c6b5ff0d2dfa1223e43f4584ef158fc4eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7v51e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000
content-length
2098
font-awesome.min.css
www.dofaq.co/assets/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://www.dofaq.co/assets/css/font-awesome.min.css
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/assets/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
content-encoding
gzip
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7vmfb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
alt-svc
h3=":443"; ma=2592000
css
fonts.googleapis.com/
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/assets/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
206316e12f74ff89a30d55c4c856abe0802d950eb5c4ed623885b43b0e2ab9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 04:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 03:35:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 04:22:39 GMT
ice.js
resources.infolinks.com/js/1915.001-3.034.ab.1916.005-3.034/
189 KB
58 KB
Script
General
Full URL
https://resources.infolinks.com/js/1915.001-3.034.ab.1916.005-3.034/ice.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7401331fe9d05cc8dc756089452201c48d3369b40262532cee58ea569f85d36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Jan 2024 13:16:52 GMT
server
cloudflare
age
10299
etag
W/"2f39f-60f240f6c464d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
847c4c459fa603a6-FRA
expires
Sun, 18 Feb 2024 01:31:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dofaq.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:02:10 GMT
x-content-type-options
nosniff
age
148830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 11:02:10 GMT
4e75f1b34f01fbdc8712a12f1943297a
tharbadir.com/27/
403 KB
128 KB
Script
General
Full URL
https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/2?z=2373259
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1b9453b6abbb91a88b95a5f310aab86ad9593da2f8b6a3e02e2cfb3bfe31e3a7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
a83710614ecbeb8c8d006f10660792e0
last-modified
Mon, 15 Jan 2024 08:07:28 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 14 Feb 2084 08:07:28 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 19 Jan 2024 02:50:28 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5532
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 19 Jan 2024 04:50:28 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v34/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,400italic,600italic|Roboto+Slab:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.dofaq.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:26:31 GMT
x-content-type-options
nosniff
age
179769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:26:31 GMT
fontawesome-webfont.woff2
www.dofaq.co/assets/fonts/
70 KB
70 KB
Font
General
Full URL
https://www.dofaq.co/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/assets/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
1.171.202.8 Banqiao, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
1-171-202-8.dynamic-ip.hinet.net
Software
Caddy /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://www.dofaq.co/assets/css/font-awesome.min.css
Origin
https://www.dofaq.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:38 GMT
last-modified
Sat, 18 Feb 2017 03:04:43 GMT
server
Caddy
etag
"oljv7v1jh4"
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
71896
manage
router.infolinks.com/usync/ Frame B1E9
0
33 B
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3088588&wsid=0&pdom=www.dofaq.co&purl=https%3A%2F%2Fwww.dofaq.co%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1915.001-3.034.ab.1916.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dofaq.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
847c4c45ffea03a6-FRA
content-length
0
date
Fri, 19 Jan 2024 04:22:40 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/
0
33 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3088588&wsid=0&pdom=www.dofaq.co&purl=https%3A%2F%2Fwww.dofaq.co%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1915.001-3.034.ab.1916.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847c4c45ffed03a6-FRA
content-length
0
gsd
router.infolinks.com/
0
43 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3088588&wsid=0&pdom=www.dofaq.co&purl=https%3A%2F%2Fwww.dofaq.co%2F&jsv=1915.001-3.034.ab.1916.005-3.034&_cb=17056381603100
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1915.001-3.034.ab.1916.005-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
847c4c45ffec03a6-FRA
content-length
0
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c4d0823586105a35793fe1ba7318fe076a95e30c6134dc32d210265edadaeea2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.dofaq.co
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
collect
www.google-analytics.com/j/
16 B
220 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1967014335&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dofaq.co%2F&ul=en-us&de=UTF-8&dt=dofaq.co%20-%20most%20frequently%20asked%20questions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1883311726&gjid=809760874&cid=376041152.1705638160&tid=UA-92790284-1&_gid=1015537098.1705638160&_r=1&_slc=1&z=1385564490
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
62e7f4683f9402bf777bac547cfbb7413af75641d12381671a57fddd7a8d3a50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dofaq.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dofaq.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-92790284-1&cid=376041152.1705638160&jid=1883311726&gjid=809760874&_gid=1015537098.1705638160&_u=IEBAAEAAAAAAACAAI~&z=555438530
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dofaq.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 19 Jan 2024 04:22:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dofaq.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
234 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKQTKQ3QD7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ad6446be89ad05029580d946f743018e9efc6557d546c286e62fb06e15419ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84125
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 04:22:40 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92790284-1&cid=376041152.1705638160&jid=1883311726&_u=IEBAAEAAAAAAACAAI~&z=1769741039
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-92790284-1&cid=376041152.1705638160&jid=1883311726&_u=IEBAAEAAAAAAACAAI~&z=1769741039
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9
tharbadir.com/ Frame
0
0
Preflight
General
Full URL
https://tharbadir.com/9?z=2892328&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dofaq.co%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&oaid=1653933f0a914e6bba32a1bf3be8f9bc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.dofaq.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.dofaq.co
cache-control
no-store, no-cache, must-revalidate, max-age=0
date
Fri, 19 Jan 2024 04:22:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
nginx
9
tharbadir.com/
6 KB
3 KB
XHR
General
Full URL
https://tharbadir.com/9?z=2892328&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dofaq.co%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&oaid=1653933f0a914e6bba32a1bf3be8f9bc
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
34133602a72b2388bb01f3b42e3bbf2a625d95b510015a8d3d261e4efa383a05

Request headers

Referer
https://www.dofaq.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
340c49ababcefe83c40950a6f63184e8
pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.dofaq.co
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YKQTKQ3QD7&_ono=1&gtm=45je41h0v9134938419&_p=1705638160371&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=376041152.1705638160&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.dofaq.co%2F&dt=dofaq.co%20-%20most%20frequently%20asked%20questions&sid=1705638160&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=6162
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKQTKQ3QD7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dofaq.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-YKQTKQ3QD7&cid=376041152.1705638160&gtm=45je41h0v9134938419&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKQTKQ3QD7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dofaq.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-YKQTKQ3QD7&cid=376041152.1705638160&gtm=45je41h0v9134938419&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=2026553750
Requested by
Host: www.dofaq.co
URL: https://www.dofaq.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11
tharbadir.com/
0
592 B
XHR
General
Full URL
https://tharbadir.com/11?rnd=800494062&z=2892328&b=5362695&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2&ruid=489a7a56-a685-4682-b96c-2ad7e0a8c262&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dofaq.co%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&ot=58
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
0ec45e94fc7eeede654428b14ca223ac
pragma
no-cache
date
Fri, 19 Jan 2024 04:22:40 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://www.dofaq.co
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
interstitial-08.com/ Frame 8885
21 KB
6 KB
Document
General
Full URL
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
94af9a310d2a4923b2f4702366345b2000e9b9f71c6e1e8128fd4ce705b22353

Request headers

Referer
https://www.dofaq.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 Jan 2024 04:22:40 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 8885
12 KB
2 KB
Stylesheet
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
age
6572
etag
W/"656f1d9e-30c9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
847c4c493c6a2be8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 8885
3 KB
4 KB
Image
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
cf-cache-status
HIT
age
6753
content-length
3429
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
etag
"656f1d9e-d65"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
847c4c493c6b2be8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 8885
52 KB
53 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-d0e0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
53472
0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 8885
14 KB
15 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
last-modified
Wed, 15 Aug 2018 10:56:50 GMT
server
nginx
etag
"5b7406f2-393b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
14651
0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 8885
35 KB
35 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
last-modified
Tue, 17 Jul 2018 10:46:08 GMT
server
nginx
etag
"5b4dc8f0-8b17"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
35607
01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 8885
49 KB
50 KB
Image
General
Full URL
https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
last-modified
Thu, 31 Jan 2019 11:14:34 GMT
server
nginx
etag
"5c52d89a-c502"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
50434
player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 8885
28 KB
28 KB
Image
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
cf-cache-status
HIT
age
6572
content-length
28527
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
etag
"656f1d9e-6f6f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
847c4c493c6d2be8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
script.js
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 8885
1 KB
564 B
Script
General
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by
Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftharbadir.com%2F12%3Frnd%3D3716679300%26z%3D2892328%26b%3D5362695%26c%3D2755022%26var%3D%26varid%3D0%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3D6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2%26bag%3DydU9kaAfa6I%3D%26ruid%3D489a7a56-a685-4682-b96c-2ad7e0a8c262%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fwww.dofaq.co%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://interstitial-08.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 04:22:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 12:54:54 GMT
server
cloudflare
age
1508
etag
W/"656f1d9e-58b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
847c4c493c6c2be8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
11
tharbadir.com/
0
731 B
XHR
General
Full URL
https://tharbadir.com/11?rnd=800494062&z=2892328&b=5362695&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=6nyuvpkLxN4UjGBoP9wfHQtkv-ZJjosug1ghbLvPheWli-mv9ohU8irGEI0ei8QxqS_IGgNIWnuoPb4pXT7RDWw1OJC67mVkOjUfT_axA4Eq3UTAqWRhpjZtj4sZIvvIrLpHEZgjKt4ugbsetBHE-oipolhKB2D6kz-YuX1Cmi_-pLzldvf2ABp15Kg4jWz9jU_t9qpgo4AvnCE28113EMoGrXgTIF7hs3WG9S9CV79kXpH0B7sG2g98H1jLTJXYtWJKe4htDz7p0M8COwmqldnpuuJ5JZy3kaZIzW5Zb1w3pV92Be7FZY8QcbJkRve2&ruid=489a7a56-a685-4682-b96c-2ad7e0a8c262&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fwww.dofaq.co%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by
Host: tharbadir.com
URL: https://tharbadir.com/27/4e75f1b34f01fbdc8712a12f1943297a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.dofaq.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id
19bc9e74c114baf56977063db2e1e3ff
pragma
no-cache
date
Fri, 19 Jan 2024 04:22:45 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://www.dofaq.co
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/
152 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8885
548 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c21b537a7c9420627217e0c79185ef4c70c07e08f79fa1ad96b9c437e9f46b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8


32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS object| regeneratorRuntime object| zfgformats object| zfgstorage boolean| zfgloadednative string| GoogleAnalyticsObject function| ga object| adsbygoogle function| $ function| jQuery object| skel function| onorientationchange object| jQuery1113047428170007904025 function| _typeof function| _defineProperty function| _retranber object| syncCallbacks object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager object| googletag object| _nps boolean| nsto

12 Cookies

Domain/Path Name / Value
native.propellerclick.com/ Name: scm
Value: 1
tharbadir.com/ Name: scm
Value: 1
tharbadir.com/ Name: oaidts
Value: 1705638159
www.dofaq.co/ Name: logglytrackingsession
Value: 605d7875-226b-496c-895b-c7fdd022205b
.dofaq.co/ Name: _ga
Value: GA1.2.376041152.1705638160
.dofaq.co/ Name: _gid
Value: GA1.2.1015537098.1705638160
.dofaq.co/ Name: _gat
Value: 1
my.rtmark.net/ Name: ID
Value: 1653933f0a914e6bba32a1bf3be8f9bc
.dofaq.co/ Name: _ga_YKQTKQ3QD7
Value: GS1.2.1705638160.1.0.1705638160.60.0.0
tharbadir.com/ Name: OAID
Value: 1653933f0a914e6bba32a1bf3be8f9bc
tharbadir.com/ Name: oaidvc
Value: 1
tharbadir.com/ Name: CNT
Value: 1_v1_B9RRAAEAAAAdTQAA

4 Console Messages

Source Level URL
Text
network error URL: https://native.propellerclick.com/1?z=2373357&eid=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://native.propellerclick.com/1?z=2373354&eid=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://native.propellerclick.com/1?z=2373360&eid=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://native.propellerclick.com/1?z=2373363&eid=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
