urlscan.io logo urlscan.io
SecurityTrails logo

thenewfling.com Open in urlscan Pro
151.101.65.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x...
Effective URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOm...
Submission: On June 19 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 51 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is thenewfling.com.
TLS certificate: Issued by GTS CA 1D4 on May 13th 2021. Valid for: 3 months.
This is the only time thenewfling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 91.218.244.48 50867 (HOSTKEY-R...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 18.198.80.68 16509 (AMAZON-02)
1 9 151.101.65.195 54113 (FASTLY)
2 2a02:6ea0:c70... 60068 (CDN77 (^_^)/)
2 151.101.1.195 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 136.243.46.156 24940 (HETZNER-AS)
3 95.211.229.245 60781 (LEASEWEB-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a0c:5c81:512... 55081 (24SHELLS)
1 2600:1f18:454... 14618 (AMAZON-AES)
1 67.22.42.114 48684 (VIKINGHOST)
1 74.117.182.34 40824 (WZCOM-)
2 162.55.0.220 24940 (HETZNER-AS)
2 162.55.0.219 24940 (HETZNER-AS)
51 22
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
madenadi-gq.translate.goog
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
5    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
4    91.218.244.48 (Russian Federation)

ASN50867 (HOSTKEY-RU-AS, NL)
aquaquoa.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    18.198.80.68 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-80-68.eu-central-1.compute.amazonaws.com
trk.epsilonlink.com
9    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
thenewfling.com
2    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
sdk.unative.com
2    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
swiftfling.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    136.243.46.156 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.46.243.136.clients.your-server.de
tsyndicate.com
3    95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
main.exoclick.com
1    2606:4700:3033::6815:3d6c (United States)

ASN13335 (CLOUDFLARENET, US)
nextgencounter.com
1    2a0c:5c81:5120::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
d.adtelligent.com
1    2600:1f18:454c:f520:5f11:72a8:8b05:7d3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ads.traffichunt.com
1    67.22.42.114 (Netherlands)

ASN48684 (VIKINGHOST, NL)
tfosrv.com
1    74.117.182.34 (United States)

ASN40824 (WZCOM-, US)
stats-d1272-serving.com
2    162.55.0.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.220.0.55.162.clients.your-server.de
tr-un.unative.com
2    162.55.0.219 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.219.0.55.162.clients.your-server.de
api-un.unative.com
Domain Requested by
9 thenewfling.com 1 redirects aquaquoa.com
thenewfling.com
4 aquaquoa.com madenadi-gq.translate.goog
aquaquoa.com
ajax.googleapis.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
4 translate.google.com madenadi-gq.translate.goog
3 main.exoclick.com thenewfling.com
3 fonts.gstatic.com fonts.googleapis.com
2 api-un.unative.com sdk.unative.com
2 tr-un.unative.com sdk.unative.com
2 tsyndicate.com thenewfling.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com thenewfling.com
2 swiftfling.com thenewfling.com
2 sdk.unative.com thenewfling.com
sdk.unative.com
2 www.gstatic.com madenadi-gq.translate.goog
translate.googleapis.com
2 madenadi-gq.translate.goog 1 redirects
1 stats-d1272-serving.com thenewfling.com
1 tfosrv.com thenewfling.com
1 ads.traffichunt.com thenewfling.com
1 d.adtelligent.com thenewfling.com
1 nextgencounter.com thenewfling.com
1 www.googletagmanager.com thenewfling.com
1 trk.epsilonlink.com 1 redirects
1 ajax.googleapis.com aquaquoa.com
0 stats-dss2145-serving.com Failed thenewfling.com
51 24

This site contains links to these domains. Also see Links.

Domain
trk.epsilonlink.com
lonelypartners.com
Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-24 -
2021-08-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
admin.littlelads.art
GTS CA 1D4		 2021-05-13 -
2021-08-11		 3 months crt.sh
1058678020.rsc.cdn77.org
R3		 2021-05-06 -
2021-08-04		 3 months crt.sh
www.shoplystr.app
GTS CA 1D4		 2021-05-13 -
2021-08-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-24 -
2021-08-16		 3 months crt.sh
tsyndicate.com
R3		 2021-04-27 -
2021-07-26		 3 months crt.sh
exoclick.com
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-02 -
2022-03-01		 a year crt.sh
d.adtelligent.com
R3		 2021-05-27 -
2021-08-25		 3 months crt.sh
*.traffichunt.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-29 -
2021-07-29		 a year crt.sh
*.tfosrv.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-18 -
2021-11-18		 a year crt.sh
74.117.182.34
74.117.182.34		 2018-09-25 -
2028-09-22		 10 years crt.sh
unative.com
R3		 2021-05-06 -
2021-08-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Frame ID: FB2F0563AA49EC31AF77ED1B8088E253
Requests: 48 HTTP requests in this frame

Frame: https://translate.google.com/translate_un?sl=ru&tl=en&u=http://madenadi.gq/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness&usg=ALkJrhivs7oD1F76D1d7ScZKtFwd917zAA
Frame ID: 82B2A50EF4B3BA6A2896406B185F83A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch... HTTP 301
    https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch... Page URL
  2. http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t Page URL
  3. https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={908}&email={email}&CampaignID={... HTTP 302
    https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv?cep=3jsq87-WBLZ05GbPSIcV2RY... HTTP 301
    https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2R... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

51
Requests

88 %
HTTPS

55 %
IPv6

19
Domains

24
Subdomains

22
IPs

5
Countries

592 kB
Transfer

1013 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk HTTP 301
    https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk Page URL
  2. http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t Page URL
  3. https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={908}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id} HTTP 302
    https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D HTTP 301
    https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk HTTP 301
  • https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
rockiness
madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/
Redirect Chain
  • http://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
  • https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
1 KB
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4fbaaa233f9bcf95311b13712ad6c6d06f4e589af49b444515108c1c9fea472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
madenadi-gq.translate.goog
:scheme
https
:path
/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-robots-tag
none
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
content-encoding
gzip
date
Sat, 19 Jun 2021 10:17:29 GMT
server
ESF
cache-control
private
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Content-Type
application/binary
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Date
Sat, 19 Jun 2021 10:17:28 GMT
Location
https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Server
ESF
Content-Length
0
X-XSS-Protection
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
element.js
translate.google.com/translate_a/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt&hl=uk
Requested by
Host: madenadi-gq.translate.goog
URL: https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
cec144a1a1a2ca751306c2b54e85d0114b2ec63ac6cd2d49550a1511d5a33ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
uk
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3857
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translate_un
translate.google.com/ Frame 82B2 		320 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_un?sl=ru&tl=en&u=http://madenadi.gq/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness&usg=ALkJrhivs7oD1F76D1d7ScZKtFwd917zAA
Requested by
Host: madenadi-gq.translate.goog
URL: https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
7e822a7128666d3a45ab550577d05703a3818f8dc9b50ce247e0a275cf6bf49f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
translate.google.com
:scheme
https
:path
/translate_un?sl=ru&tl=en&u=http://madenadi.gq/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness&usg=ALkJrhivs7oD1F76D1d7ScZKtFwd917zAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 10:17:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-language
en
x-content-type-options
nosniff
content-encoding
gzip
server
HTTP server (unknown)
content-length
247
x-xss-protection
0
set-cookie
CONSENT=PENDING+684; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
translateelement.css
translate.googleapis.com/translate_static/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt&hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:20:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Jun 2021 10:20:48 GMT
main_uk.js
translate.googleapis.com/translate_static/js/element/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/js/element/main_uk.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=gtElInit&client=wt&hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a8fd9218aa8723ceefc7551b0508bb93b1a674042cea269ef771a6250114814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
1317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
last-modified
Mon, 24 May 2021 18:08:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 19 Jun 2021 10:55:32 GMT
element_main.js
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 		252 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main_uk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 13:20:47 GMT
x-content-type-options
nosniff
age
75402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257604
x-xss-protection
0
last-modified
Mon, 03 May 2021 09:56:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 18 Jun 2022 13:20:47 GMT
gen204
translate.google.com/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20210503_00
Requested by
Host: madenadi-gq.translate.goog
URL: https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:29 GMT
x-content-type-options
nosniff
server
HTTP server (unknown)
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		825 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: madenadi-gq.translate.goog
URL: https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:48:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1749
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Sun, 19 Jun 2022 09:48:20 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:30:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2794
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Sun, 19 Jun 2022 09:30:55 GMT
t
translate.googleapis.com/translate_a/ 		17 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20210503_00&sl=ru&tl=en&tc=1&sr=1&tk=955438.554604&mode=1
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
4ba5d012086b047a8480a382cd74952b49f64c938f025d1df0bf5af77607845d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 19 Jun 2021 10:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37
x-xss-protection
0
expires
Sat, 19 Jun 2021 10:17:29 GMT
gen204
translate.google.com/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://translate.google.com/gen204?sl=ru&tl=en&textlen=17&ttt=51&ttl=78&sr=1&nca=te_time&client=wt_lib&logld=vTE_20210503_00
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:29 GMT
x-content-type-options
nosniff
server
HTTP server (unknown)
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rockiness
aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/ 		1 KB
950 B 		Document
General
Check archive.org
Download Go to
Full URL
http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t
Requested by
Host: madenadi-gq.translate.goog
URL: https://madenadi-gq.translate.goog/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?_x_tr_sch=http&_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=uk
Protocol
HTTP/1.1
Server
91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
679683c6d4b382f2746ee231e7720909c824858b522679986197fee0737e2f87

Request headers

Host
aquaquoa.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 19 Jun 2021 10:17:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: aquaquoa.com
URL: http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 09:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 09:36:46 GMT
891749907.1447267154.2218528270.594583058
aquaquoa.com/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aquaquoa.com/891749907.1447267154.2218528270.594583058
Requested by
Host: aquaquoa.com
URL: http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t
Protocol
HTTP/1.1
Server
91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
aquaquoa.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Jun 2021 10:17:49 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
14742
Expires
0
rockiness&p=a
aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/ 		155 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness&p=a
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://aquaquoa.com
Accept-Encoding
gzip, deflate
Host
aquaquoa.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Content-Length
0
Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
GE4YlhWMD0=
aquaquoa.com/M1k4/em1MSCs1dE1YOWk4ZFc5V/Uh5Vy8yS3/NxNmgxMDU1N09vd/ 		0
257 B 		Script
General
Check archive.org
Download Go to
Full URL
http://aquaquoa.com/M1k4/em1MSCs1dE1YOWk4ZFc5V/Uh5Vy8yS3/NxNmgxMDU1N09vd/GE4YlhWMD0=
Requested by
Host: aquaquoa.com
URL: http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t
Protocol
HTTP/1.1
Server
91.218.244.48 , Russian Federation, ASN50867 (HOSTKEY-RU-AS, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
aquaquoa.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:49 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Primary Request /
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/
Redirect Chain
  • https://trk.epsilonlink.com/f2c0f1ac-8569-4f3f-b13a-c6e44fb28a9f?source={908}&email={email}&CampaignID={CampaignID}&S1=1248&aff_id=100205&flow_id={flow_id}
  • https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_j...
  • https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_...
15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Requested by
Host: aquaquoa.com
URL: http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c875771455fbdf7bc665febdfb14933bade4a32b4d5fff469118e1d5897d59f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:method
GET
:authority
thenewfling.com
:scheme
https
:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://aquaquoa.com/bossed/cox/852767216/oread/glutted/marshalsea/1624028332/rockiness?p=t

Response headers

cache-control
max-age=3600
content-encoding
br
content-type
text/html; charset=utf-8
etag
"5223f16a5f36efacbfe66d839b6fb240479981c84181f0673511a80685042e60-br"
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
strict-transport-security
max-age=31556926
accept-ranges
bytes
date
Sat, 19 Jun 2021 10:17:30 GMT
x-served-by
cache-hhn4038-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624097850.209506,VS0,VE288
vary
x-fh-requested-host, accept-encoding
content-length
2233

Redirect headers

location
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
content-type
text/plain; charset=utf-8
accept-ranges
bytes
date
Sat, 19 Jun 2021 10:17:30 GMT
x-served-by
cache-hhn4038-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1624097850.080326,VS0,VE109
vary
x-fh-requested-host, accept-encoding
content-length
697
webPushMotivationPopupSmall.css
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/webPushMotivationPopupSmall.css
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/webPushMotivationPopupSmall.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.525354,VS0,VE1
etag
"481b967dc9221a9592037fa7759cad78eab7649938e4eef2a15fd0eb22dc7273-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
1015
x-cache-hits
1
style.css
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
993888e975a2807a5ba7c50dbc3ad1f4453b9da52621642408f80e807806ec6d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.525336,VS0,VE1
etag
"6ce574583e6cb0411a88c31e909a1afd5f88d481e82e861e676760bbbad2437e-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
1781
x-cache-hits
1
cookie.css
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/ 		4 KB
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/cookie.css
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc8f986e30be86e2b781c732d580f28a7afeb48e4e22799986407f2faafd7c02
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/cookie.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.525442,VS0,VE1
etag
"845b84f5410f0a90a22ce127f32962ad0a6340508e177e4075fcbe53d7500df9-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
714
x-cache-hits
1
script.js
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/js/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/js/script.js
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8de92b8c40dcc641784e9e30da76a4bcc5ad8bd315afc6ed57878de11fe01489
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/js/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.525576,VS0,VE1
etag
"3d2cec1057f6252741c8632ff5f04b2477006b3575b73b41debbefe060089e52-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
27952
x-cache-hits
1
UNativeSDK.js
sdk.unative.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.unative.com/UNativeSDK.js
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
12f3ffc2bef3ae11d82ec74d1c21eaf9d7ee389d320b85d8fb00b666a6eefa2c

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
Abk73BDIN7jvUx4FAA==
x-accel-expires
@1624799207
date
Sat, 19 Jun 2021 10:17:30 GMT
content-encoding
br
etag
W/"43f4-5bfc628d78321"
last-modified
Mon, 12 Apr 2021 13:04:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
x3tK4uUHIZ8=
vary
Accept-Encoding
x-77-cache
HIT
content-type
application/x-javascript
x-cache
HIT
x-age
335443
x-77-pop
frankfurtDE
UNativeSDKUpdaterWorker.js
swiftfling.com/ 		62 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://swiftfling.com/UNativeSDKUpdaterWorker.js
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.570012,VS0,VE1
etag
"98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
x-served-by
cache-hhn4032-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
62
x-cache-hits
1
UNativeSDKWorker.js
swiftfling.com/ 		62 B
120 B 		Script
General
Check archive.org
Download Go to
Full URL
https://swiftfling.com/UNativeSDKWorker.js
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.570077,VS0,VE1
etag
"98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
x-served-by
cache-hhn4032-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
62
x-cache-hits
1
css
fonts.googleapis.com/ 		1008 B
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/webPushMotivationPopupSmall.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e29136de65bbf6c76f8060488e808bfcf750db5beee0b52174d084d85ae3d943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 10:03:07 GMT
server
ESF
date
Sat, 19 Jun 2021 10:17:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Jun 2021 10:17:30 GMT
gtm.js
www.googletagmanager.com/ 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
caf0c044669c897565c1b3b9fdaf21753cc16f1cb0d92d67d2865901751deb59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 10:17:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38185
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 19 Jun 2021 10:17:30 GMT
css
fonts.googleapis.com/ 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Jun 2021 09:28:45 GMT
server
ESF
date
Sat, 19 Jun 2021 10:17:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Jun 2021 10:17:30 GMT
shapes.png
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/shapes.png
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/shapes.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.603167,VS0,VE1
etag
"1acfff82b83077721448556f3aafe7b378afee917cf11d0e33a3b71e6e5e2890-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
3245
x-cache-hits
1
photo1.jpg
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/ 		41 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/photo1.jpg
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
da6ad5651fb06e746150df46ff7842aed7daedfdfc79ed09445ced0d4e0b9fdf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/photo1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.603189,VS0,VE1
etag
"aa8ef0dd4c199a01db66569381ae38d6ad58b27a72e5496795759a07b025fd6e-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
41065
x-cache-hits
1
photo2.jpg
thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/photo2.jpg
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95c0d0e4fbb0cc3972035daba8bcc7f17623ce7bfda1bd3ba00507baec039c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

:path
/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/images/photo2.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thenewfling.com
referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Fri, 18 Jun 2021 12:08:32 GMT
x-timer
S1624097851.603141,VS0,VE1
etag
"9c1d737f11e2c1463b511f681e94a54e3f74139ba1cc3b204660bf46c5d192fb-br"
x-served-by
cache-hhn4038-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
date
Sat, 19 Jun 2021 10:17:30 GMT
accept-ranges
bytes
content-length
47480
x-cache-hits
1
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thenewfling.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 15:02:11 GMT
x-content-type-options
nosniff
age
587719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 15:02:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thenewfling.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 12 Jun 2021 17:35:42 GMT
x-content-type-options
nosniff
age
578508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Jun 2022 17:35:42 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thenewfling.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 05:12:17 GMT
x-content-type-options
nosniff
age
18313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 Jun 2022 05:12:17 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
4733
date
Sat, 19 Jun 2021 08:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 19 Jun 2021 10:58:37 GMT
06eb0705-463f-4b96-836b-64bf3cfa8631
tsyndicate.com/api/v1/retargeting/set/ 		35 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=47710874
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.156.46.243.136.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:30 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
35
x-request-id
e057a46dae214efd
expires
0
tag.php
main.exoclick.com/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=807996617
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:30 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tag.php
main.exoclick.com/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=1417406157
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:30 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
index.min.js
nextgencounter.com/ 		645 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1424647777
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3d6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 10:17:31 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 19 Mar 2021 11:14:58 GMT
server
cloudflare
etag
W/"605487b2-285"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sxAx5yGJvPzOQqwfSzjErZTNchdJ6dU1fhgrIwl5enpMVhn9Bm3nxGjnvD6E2Ml9eo1%2BG5FsT7XxFvuRsg1BtpplMhL281OqigPjO59punffUjX37BS6i8vmqKSzB3%2Fu6xLgCI8Ys43Hujbs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
661c020e99a54e9d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0ac55f9d1e00004e9d6eabd000000001
tag.php
main.exoclick.com/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=1946976233
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:30 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
d.adtelligent.com/segments/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adtelligent.com/segments/?id=290&gtmcb=1144692425
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5120::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 19 Jun 2021 10:17:29 GMT
Server
VertaMedia 1.0
Content-Type
image/gif
Access-Control-Allow-Origin
https://thenewfling.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=7200
Content-Length
43
/
ads.traffichunt.com/adv_ret/ 		0
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=207726712
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:454c:f520:5f11:72a8:8b05:7d3f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 19 Jun 2021 10:17:30 GMT
server
nginx
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70
tsyndicate.com/api/v1/retargeting/set/ 		35 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=1309836812
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.46.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.156.46.243.136.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:30 GMT
server
nginx
x-api-version
1
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
text/plain; charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
35
x-request-id
978521aa69b4227f
expires
0
segment
stats-dss2145-serving.com/tracking/ 		0
0
retargeting.js
tfosrv.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tfosrv.com/retargeting.js?id=981&gtmcb=692127643
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.22.42.114 , Netherlands, ASN48684 (VIKINGHOST, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Jun 2021 10:17:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding
chunked
Content-Type
text/javascript
Expires
0
segment
stats-d1272-serving.com/tracking/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats-d1272-serving.com/tracking/segment?key=da813846-7710-4846-ae14-3396e3c110d9
Requested by
Host: thenewfling.com
URL: https://thenewfling.com/ep/adu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv/?cep=3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY&lptoken=167924fa09bd96d75090&source=%7B908%7D&email=%7Bemail%7D&CampaignID=%7BCampaignID%7D&S1=1248&aff_id=100205&flow_id=%7Bflow_id%7D
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.117.182.34 , United States, ASN40824 (WZCOM-, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
close
Cache-Control
no-cache
Content-Type
application/json
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1392655529&t=pageview&_s=1&dl=https%3A%2F%2Fthenewfling.com%2Fep%2Fadu_de_27_03_20_t1_v1_3_ex1_re1_dis2_Push2_jv%2F%3Fcep%3D3jsq87-WBLZ05GbPSIcV2RYliRbAIy6extrCX8xCOmaSfxgA40q7LrgICwsZJBkuf136rYn3jeZZX7fG31Eh3eKDiHMmF3cC9E6SVGVWJbBA4K-4GCDRAa_jgmedJuYjMqBzOgaUSpRWc10HXgXa2F0JVzY2NoxH1Sp6UA4jRE08eYUUaZFjGR6cIHBWkzHrI6PX3x878SMtYtdtzw7Yms2GQjtIwU_pJEUX40bHRIuuYxqu8nNxPJDJRbsK0m0UAs5yB2KxgAMn0UNSl2mUWUddW0R9qpPpduEEZLAstq19G6P1j-J0coUqtagR6e9h-oEkjcbLXO4KZfrLgIfupecXCAFZ2rSwC8pQSdngRHwNgsIgIOjiK9WYikrE9Sx4Ke6J-7V-UjmMz2rUNkBAr-CW_5U6GW-IvFrCyd2xJxjBN1NqJDEomQRH0YwowDPExq6fYD7tpyKMN7BL7GWFff1peDw94f_TzQrkr2_ujNY%26lptoken%3D167924fa09bd96d75090%26source%3D%257B908%257D%26email%3D%257Bemail%257D%26CampaignID%3D%257BCampaignID%257D%26S1%3D1248%26aff_id%3D100205%26flow_id%3D%257Bflow_id%257D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=150261319&gjid=961679045&cid=1909182405.1624097851&tid=UA-133587726-1&_gid=1987443808.1624097851&_r=1&gtm=2wg6g0TMR4NP&z=1456290954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 19 Jun 2021 10:17:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thenewfling.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
UNativePageSDKES6.js
sdk.unative.com/ 		174 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.unative.com/UNativePageSDKES6.js?v=150706
Requested by
Host: sdk.unative.com
URL: https://sdk.unative.com/UNativeSDK.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
93276c95839806dd7db3ca66ed454f14f7e3cee0fd3549ac7631f9b7b5d4e3ee

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
Abk73BB5dybvUx4FAA==
x-accel-expires
@1624799207
date
Sat, 19 Jun 2021 10:17:30 GMT
content-encoding
br
etag
W/"2b78f-5bfc628d78321"
last-modified
Mon, 12 Apr 2021 13:04:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
h19EyU+ofYk=
vary
Accept-Encoding
x-77-cache
HIT
content-type
application/x-javascript
x-cache
HIT
x-age
335443
x-77-pop
frankfurtDE
33db8e77-19c7-4958-9af2-1a888a2a64fd
tr-un.unative.com/track/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr-un.unative.com/track/visit/33db8e77-19c7-4958-9af2-1a888a2a64fd
Protocol
HTTP/1.1
Server
162.55.0.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.0.55.162.clients.your-server.de
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,sdk-version
Origin
https://thenewfling.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

allow
HEAD,GET,OPTIONS
last-modified
Sat, 19 Jun 2021 10:17:30 UTC
x-responded-by
cors-support-provider
access-control-expose-headers
set-cookie
access-control-allow-origin
*
access-control-request-headers
content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
86400
access-control-allow-headers
content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type
application/vnd.sun.wadl+xml;charset=UTF-8
content-length
594
date
Sat, 19 Jun 2021 10:17:30 GMT
33db8e77-19c7-4958-9af2-1a888a2a64fd
tr-un.unative.com/track/visit/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr-un.unative.com/track/visit/33db8e77-19c7-4958-9af2-1a888a2a64fd
Requested by
Host: sdk.unative.com
URL: https://sdk.unative.com/UNativePageSDKES6.js?v=150706
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.55.0.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.0.55.162.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sdk-version
unative/web/150706
content-type
application/json;charset=UTF-8

Response headers

date
Sat, 19 Jun 2021 10:17:30 GMT
x-responded-by
cors-support-provider
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin
*
access-control-expose-headers
set-cookie
access-control-allow-credentials
true
content-length
0
access-control-request-headers
origin,accept,content-type,x-requested-with
33db8e77-19c7-4958-9af2-1a888a2a64fd
api-un.unative.com/p/w/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
Protocol
HTTP/1.1
Server
162.55.0.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.0.55.162.clients.your-server.de
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,sdk-version
Origin
https://thenewfling.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

allow
HEAD,GET,OPTIONS
last-modified
Sat, 19 Jun 2021 10:17:30 UTC
x-responded-by
cors-support-provider
access-control-expose-headers
set-cookie
access-control-allow-origin
*
access-control-request-headers
content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age
86400
access-control-allow-headers
content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type
application/vnd.sun.wadl+xml;charset=UTF-8
content-length
586
date
Sat, 19 Jun 2021 10:17:30 GMT
33db8e77-19c7-4958-9af2-1a888a2a64fd
api-un.unative.com/p/w/ 		157 B
616 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
Requested by
Host: sdk.unative.com
URL: https://sdk.unative.com/UNativePageSDKES6.js?v=150706
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.55.0.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.219.0.55.162.clients.your-server.de
Software
/
Resource Hash
e373ac1520688109127301f32d60cfb2565bc73a39ea1516366a402ad58676a5

Request headers

Referer
https://thenewfling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sdk-version
unative/web/150706
content-type
application/json;charset=UTF-8

Response headers

date
Sat, 19 Jun 2021 10:17:30 GMT
x-responded-by
cors-support-provider
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
set-cookie
access-control-allow-credentials
true
content-length
157
access-control-request-headers
origin,accept,content-type,x-requested-with

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats-dss2145-serving.com
URL
https://stats-dss2145-serving.com/tracking/segment?key=b8dc8146-d8b8-4e7f-ac0b-3734979d8cca&gtmcb=718286289

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| $ function| jQuery function| UNative object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| __uNativeSdkLoadCount

3 Cookies

Domain/Path Name / Value
.thenewfling.com/ Name: _gat_UA-133587726-1
Value: 1
.thenewfling.com/ Name: _gid
Value: GA1.2.1987443808.1624097851
.thenewfling.com/ Name: _ga
Value: GA1.2.1909182405.1624097851

2 Console Messages

Source Level URL
Text
console-api log URL: https://sdk.unative.com/UNativePageSDKES6.js?v=150706(Line 1)
Message:
Not Incognito
console-api error URL: https://sdk.unative.com/UNativePageSDKES6.js?v=150706(Line 1)
Message:
TypeError: Cannot read property 'permission' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.traffichunt.com
ajax.googleapis.com
api-un.unative.com
aquaquoa.com
d.adtelligent.com
fonts.googleapis.com
fonts.gstatic.com
madenadi-gq.translate.goog
main.exoclick.com
nextgencounter.com
sdk.unative.com
stats-d1272-serving.com
stats-dss2145-serving.com
swiftfling.com
tfosrv.com
thenewfling.com
tr-un.unative.com
translate.google.com
translate.googleapis.com
trk.epsilonlink.com
tsyndicate.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
stats-dss2145-serving.com
136.243.46.156
151.101.1.195
151.101.65.195
162.55.0.219
162.55.0.220
18.198.80.68
2600:1f18:454c:f520:5f11:72a8:8b05:7d3f
2606:4700:3033::6815:3d6c
2a00:1450:4001:808::2001
2a00:1450:4001:809::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a02:6ea0:c700::10
2a0c:5c81:5120::2
67.22.42.114
74.117.182.34
91.218.244.48
95.211.229.245
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
12f3ffc2bef3ae11d82ec74d1c21eaf9d7ee389d320b85d8fb00b666a6eefa2c
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689
1d0085245bd8d2d09608a659e54ebf672ae357cc71f50a631f18d2e37a9a8fda
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
4a8fd9218aa8723ceefc7551b0508bb93b1a674042cea269ef771a6250114814
4ba5d012086b047a8480a382cd74952b49f64c938f025d1df0bf5af77607845d
5c875771455fbdf7bc665febdfb14933bade4a32b4d5fff469118e1d5897d59f
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
679683c6d4b382f2746ee231e7720909c824858b522679986197fee0737e2f87
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e822a7128666d3a45ab550577d05703a3818f8dc9b50ce247e0a275cf6bf49f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8de92b8c40dcc641784e9e30da76a4bcc5ad8bd315afc6ed57878de11fe01489
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6
93276c95839806dd7db3ca66ed454f14f7e3cee0fd3549ac7631f9b7b5d4e3ee
95c0d0e4fbb0cc3972035daba8bcc7f17623ce7bfda1bd3ba00507baec039c6c
993888e975a2807a5ba7c50dbc3ad1f4453b9da52621642408f80e807806ec6d
bacbf7948643d205b2cf2c6e5f07dce8b00a43544df6e243d15b90e5643496ec
caf0c044669c897565c1b3b9fdaf21753cc16f1cb0d92d67d2865901751deb59
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cec144a1a1a2ca751306c2b54e85d0114b2ec63ac6cd2d49550a1511d5a33ac4
d4fbaaa233f9bcf95311b13712ad6c6d06f4e589af49b444515108c1c9fea472
da6ad5651fb06e746150df46ff7842aed7daedfdfc79ed09445ced0d4e0b9fdf
e29136de65bbf6c76f8060488e808bfcf750db5beee0b52174d084d85ae3d943
e373ac1520688109127301f32d60cfb2565bc73a39ea1516366a402ad58676a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc8f986e30be86e2b781c732d580f28a7afeb48e4e22799986407f2faafd7c02