urlscan.io logo urlscan.io
SecurityTrails logo

www.heavenwindow.ru.com Open in urlscan Pro
2a06:98c1:3121::a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7o...
Effective URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-e...
Submission: On May 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 61 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.heavenwindow.ru.com.
This is the only time www.heavenwindow.ru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

42    2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)
www.heavenwindow.ru.com
3    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    74.121.205.60 (United States)

ASN394303 (BIGSCOOTS, US)
PTR: 20943.bigscoots-wpo.com
www.schoolofsquirt.com
5    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:7::17d8:4dcb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
pixel.wp.com
Apex Domain
Subdomains		 Transfer
42 ru.com
www.heavenwindow.ru.com
823 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
40 KB
4 typekit.net
p.typekit.net — Cisco Umbrella Rank: 633
use.typekit.net — Cisco Umbrella Rank: 497
99 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
91 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5483
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 7
501 B
1 wp.com
pixel.wp.com — Cisco Umbrella Rank: 2592 Failed
247 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
448 B
1 schoolofsquirt.com
www.schoolofsquirt.com
5 KB
61 9
Domain Requested by
42 www.heavenwindow.ru.com www.heavenwindow.ru.com
5 www.google-analytics.com www.googletagmanager.com
www.heavenwindow.ru.com
www.google-analytics.com
3 use.typekit.net www.heavenwindow.ru.com
3 www.googletagmanager.com www.heavenwindow.ru.com
1 www.google.de www.heavenwindow.ru.com
1 www.google.com www.heavenwindow.ru.com
1 pixel.wp.com www.heavenwindow.ru.com
1 stats.g.doubleclick.net www.google-analytics.com
1 p.typekit.net www.heavenwindow.ru.com
1 www.schoolofsquirt.com www.heavenwindow.ru.com
61 10

This site contains links to these domains. Also see Links.

Domain
www.schoolofsquirt.com
www.microlinkszoom.com
pro.schoolofsquirt.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.heavenwindow.ru.com
E1		 2022-05-02 -
2022-07-31		 3 months crt.sh
schoolofsquirt.com
R3		 2022-04-18 -
2022-07-17		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Frame ID: 8933EE371A333EA63D8A266BE83C3239
Requests: 59 HTTP requests in this frame

Frame: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank.htm
Frame ID: 2A33D0A00642D5FA018812E83D975AC9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

School Of Squirt - The Original & Best Place To Learn About Squirtingcheckcheckcheckcheckcheckcheckcheckcheckcheckcheckcheck

Page URL History Show full URLs

  1. http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_... Page URL
  2. https://www.heavenwindow.ru.com/offer.php?id=314&sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O... Page URL
  3. http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

61
Requests

26 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

1059 kB
Transfer

2175 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ Page URL
  2. https://www.heavenwindow.ru.com/offer.php?id=314&sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ Page URL
  3. http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

61 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
06748f34541eddacf70a42e4378079b1f4065b8d9b8c7f2171d4f794cd901d86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7099f83a8a269bf8-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 11 May 2022 09:43:19 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdVesaEqAOeURYmVDBjPAikvPIzRrD8dmwELrPVMvqbjTit4AkekSorePKbpodtfr57i4giObCnoIzdCfaClvTcvrsWjHADecqa8D%2B2psOCDyfgYG8Wu8MYM9ACFzlPGMzP3MS4Crbk8kcpWIBcTF2hqGO4yAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
www.heavenwindow.ru.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/jquery-1.11.0.min.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
6310
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Fri, 11 Feb 2022 18:18:35 GMT
Server
cloudflare
ETag
W/"6206a87b-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSBKD6FErKRRTGf%2Bi13iHevHYiJauhNBCIRSJCg9mMAROpqdyTHa%2B329VL99Qq6BRzDaef3TkAIqZp9gIT6QiIUdmVaG6TvoNsUQ%2F5Wr%2FjBwszZmGpxJOj3IHR2vV1CbIJnP34VVSVKPK8pbhgqYolVfWlUfZg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
7099f83b0b319bf8-FRA
js
www.googletagmanager.com/gtag/ 		59 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39151
x-xss-protection
0
last-modified
Wed, 11 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 May 2022 09:43:19 GMT
offer.php
www.heavenwindow.ru.com/ 		460 B
906 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.heavenwindow.ru.com/offer.php?id=314&sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/ywudlsslbw/bgmfih856316tmsx/sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
5762ee47eb3879cead15fbaae68cb177f70d4a8755ab7a0a790e61ac8a3e559e

Request headers

Referer
http://www.heavenwindow.ru.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7099f83b9a3f9ba4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 11 May 2022 09:43:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fkt8RVc3y4JrZ9SGWbQs7sTqawHBZfpKTPNv8oUE3XN8qAn5QNWZq7tya0wk7EaAB%2BrcswplYIG1TD%2F4xkvckrp%2Ffl2wdJQSpWaC%2BPX3eh4Gvq0pAX8%2F%2B27gw1u7afBToj2V2NiejDGN0Ol1ohikFxTd2LChpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.25
Primary Request wts_ss2.php
www.heavenwindow.ru.com/clicks/ 		70 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
7560ecd36878d228601d1d62c98df0580da6e2786a1228bac320148af9841fbc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7099f83c4df99bf8-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 11 May 2022 09:43:19 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVGJTqwhBgcL662HLqNgQwUuqpLetpFW%2BWDaI7iqWNjaLj1%2BiEUFxsbvIjNmvl7NPbRI97e7cIHs5FIc3GskHi08DZLvAC%2BjUuwbvElKckgNpuDe5UqEFxOJiPDP9kW0D4kHHJl4Qun8nqr0%2Bg23YV5c3OWvxA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
266ffc86baa5d65a951c4c03c0ad7fff2370997fd15740e5ff7880f2719bc5a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39153
x-xss-protection
0
last-modified
Wed, 11 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 May 2022 09:43:19 GMT
gtm.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/gtm.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da09b4fc38a23e1e5ed617fab5bba5541664cc2f320cc477db9a7f265620368

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-1745f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIewxXjQtZWsFtMUX2AKiby4HIvDi%2FXlGBG1FmWAdd3tXqgH2IwV880EzbA3ODekNqLiebzX0gunZpvQc%2BbcQXxprdL3T%2BRaDpO0Yjw3k5dneh1mAJNpF9okHSqJWQpudIZ6qTEUWMlavZMP3LS3I%2BG%2BoyLSRg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83eb9cc690f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
analytics.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/analytics.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-c001"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhVmUgMytqkf8pZx6KrKpe6jTFFL242gB7Nuq0Zv77xzcuYsffyh%2FNZXNZauoHn51HUjzNtKW2FxYZKPBM0l4rhDyU3810cp2PjeZryk0bNh%2FkKUotHubV284FE8%2Ba60qrGFfcLnsu9CpRxjsZgLW9ELiOUOVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f840a8149a0f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
wp-emoji-release.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wp-emoji-release.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-3795"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNc701YS5wynjiUo7HcU2Lobnuy6XST9u0epDoxUTd0RQW72ywdBZe03ELyUH9YKRu1ZdpgIQEXGErX1YK2HfuBiq6rAma%2BPr84WsUoCLz3nIhSShI%2BibdtjLJhJ5yKweLun4pThZ565AEfeNOjgiEluz3AxUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f840fe50690f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
style.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/style.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-e33b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD6x6rVu7FBz1CBZEiV03QQeTuOieET0VJRd%2FBaiZYhQ%2Bnlcz9iOuFeAa5u4I05F6fQoa6KmafGSkA9mvTfhErth9XgXzAA8DYyd6b7RguboSrjp64VSk0g0noncTsXO8LMGzsqDniYK5JOLk1E4UhQdPZaFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83cb85b9a0f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
screen.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/screen.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-484"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCks7%2FaRFA7vhLs2kNHR1l5I%2FhKf%2BPerYCziHJUpExpPDcWlrCwaNc%2F7PIQKL%2FM9cu%2BVPCMEtXLpPp8HQWDNPmBNM78m4bshLQ2HZ9FgK3981a2glcvdGsOX6cxDN%2B6LSX1Sv6s9hnNSYuJE5NQanfhTxgXEyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83cb8fa691f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
thrive_flat.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		394 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/thrive_flat.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b531aa01c50f9fdb25ad05635abc3be6d858a42507c6417244d7a64063519f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-62908"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FKWimv%2B9Me%2BvijpWy2Yx3l9H2HLREPOGdYTPJ9N6j8woAseV2GxT76bZaCD09LPb%2BPm9lIWHsWM2erVeQwztIFJMOuxMcr9VdCDOmzvM1F6r82fZElhM96Av5bwnbCuUvaaTyPtEzlszlBpjmlpxAdepEUCog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83cce2a993f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
unsemantic-grid.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/unsemantic-grid.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-3107"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34i70BnUl4XJW2znl8QsgSWY2dbHY5ZBjG91Sc%2FCeyrcie9g7URBl2oOOurZu0bQNRlt6oHWX%2BsKYKfuV5W5%2Fk7cVrXQoW0KTuVytH1iXJBDzXoXT2ZsDp2TVHW%2FYq%2FyWILwa86Vmmg7CWVBRfhVjls6wngT7g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83ccdc7690f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
style_002.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/style_002.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5a099b1cdf060a28dcd4821c3a04849e32b7e6931b6d289d4afc3324d6e15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-556a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R66JiXPQtLFrf0c1wb7GjrsvtfxBKGAoboxHKAaT2QxrmcQoeti0%2FmGczrvAzaZsKfasFFjQJr%2BVs8wQmGSmRHmo4MSnJZwzaGQy4LAEV1iD5rBKd9ZZCJVtiGHaEKFOXn6HsJrVh5J5eppXpxwNo0%2BbbhLaRA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83cc82c9bfb-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
wp-emoji-release.min.js
www.schoolofsquirt.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.schoolofsquirt.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.121.205.60 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS
20943.bigscoots-wpo.com
Software
nginx centminmod / centminmod
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
content-encoding
br
last-modified
Wed, 21 Jul 2021 00:54:32 GMT
server
nginx centminmod
x-powered-by
centminmod
etag
W/"60f77048-4705"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
x-hosted-by
BigScoots
mobile.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/mobile.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:19 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-ec5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06B9X%2Bs2yFCO03JR0ppEUXM8idNoftz6ZvLiOxct81h1kwCm1PpIk%2BcACgvjQV%2FuqfZiQgIQZwPKZwr%2B%2F%2F%2FoEd6l8BYU1Ip7xwmZI8JE3x%2B%2Ftsz3ejRiibUP%2FRZ7tqupYgZN11Qk3uCQ6qXF0e7k1Hg98Ni4Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83cff869bf8-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
font-icons.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/font-icons.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccef01c8b992a66a79e7ee0d1d88303bfd159a77058fc9bd8cef15af49f5aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-ade"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNUYqMlBBlsdSgF8wFmq91emJP9NIBldeMwxNcI8N70g0YIKhYCnyn2LFtM%2F1KXheLP6wRvm4WhR%2BiHmNm6HJBatl5jPWUeTtawe1D9t6JBdIaRugDZlmCkGQ7PX%2BAGBL%2Bo7ypBGZSBTALHcrwBux347HQ0KSA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83d9acd691f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
style_003.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		107 B
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/style_003.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab767b401880e1bff09553abc4dc5eeadf1e2fda4d793f47866784fd7703b7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-6b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsrlZ0zf589%2BMfR95eu3su6W1BhFRaWTODmDlWC4bn%2FdcfEUx%2BiTJSHHv21LdB6hHY%2FshlVOyOU1U1GCSHNk2ZOFITDvjFqLWeYjKJM5DILpOBm0mr97MetruEv0aai34LwyotEnIxqf7XCYLX9SL11ItLtu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83d9a319a0f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
sticky.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/sticky.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-74d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaD7wcM7bwLwbfC3A5ZSxSZ1FfaMxthQ33sFuvaB7qt%2F8XznDeaB4Dm5kwcnW%2Fo2%2BTljhlw%2FiQoaQyFgKkQ46VnYFaAogve9i%2Fe%2BE7DlGpRnsidiSpKIhjamQY8jvXxmuSTWk9CCAszLPoDx6q2T5YKbDtmn5A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83dcba19bfb-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
menu-logo.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/menu-logo.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04fb8800b3296be9eaac9ab4f89960b4ef83dd859d987ea02f4d4fedc7f3e8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-678"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze0O0OtQ1AStP87ceFwVPThCAPDZYM7NOwFwQ3BN4ha68q8xPmkTGEYfFkXIwADiYLz1EL4pPgdUoa3lG34OryR%2B4dX%2BAUFmnRXRyOR5LtzLl9DUyYymgHFaTaboMXw%2BMDI3jtlY03Oht5xxmZAr3TZfnJY3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83dcfee690f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jetpack.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		76 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/jetpack.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-12f9f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVae4zffdfyN%2BcOWA8WI8t7THmmGwsGIYlChYHx4vwo5L2JM%2BA2bKHRETWtVnKjHoNnHGtewcujTwTQHcXI0a3JLd37EEFxdNs7BTTDS0xLEQXxjuJPQ0W7tHMDbk6t0JH%2BVip6LaQzYD30xvqiziZ7RUJ0byA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83de843993f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/jquery.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-15d98"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qYrkM4glA420Qfk8a9qK74fDkWVd9ZMRJSMhNSSJngFJKFjgHUbl%2BZL5lVy%2FilQTsb1XKvmuEoSKVno1CRssnBb%2FLNfxo8i50YmEsUtQ6wmlhWBaKJCK2n0ZNeLS9N1BGoK9BMjkm3Jpa1zHFtO9ziENgTSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83e8cd0691f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery-migrate.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/jquery-migrate.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-2bd8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X3YVQMtj8a4zJhW9ihZG4QyPIBHlCwgsl4FUQfo72715JNlixyBcz7MqLtV3aN5rNDk3fXLsZh0CTcp0h393RFAGkVuP6Fvj6iL%2FGOfYkKjrFaEPi8F%2Bv%2FeOUJeuYJyNGpjmvgWCf%2FNOmhzvjdbDbnzhxQgZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83e9c0a9a0f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
edc2avj.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/edc2avj.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3376166dd200ed0ebecad0338a2a9cefa48f34057fed2b7183cb54ab052f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-cae"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sD4ccZeZlenZ28Z%2BRKGVDUy65IFF%2FRupRebBuo%2BSGE47BcW1fBBPJhCayraNW2QLDXL6CCfBct5u6%2BVuR2LqixHt1Y0zlj9c5pvq1ZKfqHdYw%2FJ0oJX6xaB4EjptCS6e9LOQB1CGcGqvFlaffT1jpCRZ9zK1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83de9d29bf8-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
sos-logo-tiny-1.png
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/sos-logo-tiny-1.png
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
970d7e7b687bbb122c2418af225ecc6e6d3d39057fcd9f467757462d3064f90d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-16af"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm7l3zNxrQXTpjaoYmedxuv1AwIyHUFMB8kwcB1zFRJ9r5Fzd8HOiFLQx7TJQdR6W%2B2PSN3JM99EKhPSN3EX7yY4e1sj5t2vYYDfjXIaTSFrbLzLXF6euFot5ukigrEG2k6m5f8O%2FuNXCySbpRzeIza6FBIlvA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f84048b0691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
5807
1f609.svg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/1f609.svg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-49f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZRKtgFFdQQXAjeNPpbCfO5Qqi10LK6Q%2F2Wcy7VXn73k%2BIhZXzpk0os%2Bos6oKAZJ1YSraqQ7WVUZOB2FmMYJFgT4rzJ5SJQ6qlGdV49f3wPlLWAeVRtjUYaq0j4rYMIfFHrKfo1w9gkFJc3ujsUx%2FAfjMjJhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8411a27691f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
sticky.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/sticky.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf678c930e404a259cde8363532ab40f706f6e79d568977775d377a40404004

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-2115"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ukizs4C3awOjaxoIIbnKhQVFOjIbpKeghiZcGOusjLgoHgXjP82K8VAvlHl76j104iQeuAnp7y2p%2B2L%2FLAOLzlMbZ3cz3j%2BM643yauI%2B2fhMx1YPkfG2QqDnyJzQB%2BVF%2FvwW%2B2QjftMfenyx0qosUaq%2Bhzioww%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83f7dd39a0f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
front.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/front.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-17cb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BCq6TT%2FGus7mg2kOfdshrYU0fwWjUafETzGazOUeBILF0ExzkNKR%2Fmj5dMYjO0Bu2cJDyRwXMZ080JVFvDcCdFVeuOqnXvXYF5JzMds54eDgyqV1Xcw3th5c%2F5QGjZEOtJT68JJBQQyyMyPCDofCD8F4Q6AuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83f7f08691f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
imagesloaded.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/imagesloaded.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-15fd"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5gL6jR9q8QoLSzzo1inhYm11SutehDCPaGIgLJgu5WozEdh%2BfbkQdkF3vjdo1jRQ480eYu%2F43d33fDgSCf9cA7fCHiOMd0B5uEg%2B%2BPQws3l0npyOhHadZW6caxffrkfLZKHy%2FhcT0bzU9piLAcgW9ajZfP3aw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83f7d999bf8-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
masonry.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/masonry.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-5e4a"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FosQrnJgLVFL%2BbqO%2Fp8rbZOCuZtw%2FfmH74eeQ5qgK3cyJY2CWZrw6zsRT6QMZg7ZqBC2jaY0NkPYkYXfvJRgQOB9PfXhQog0IPSPTUpDg8wWEI2OAc5oZwCTCtEPHkAJrYWJOkv2aqCJgSIiLqEYb6Adq4ZoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83f7b16993f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
jquery_002.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/jquery_002.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-71b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AVL%2B0AAeMXAv3U9RHI5c0tkjIVK9%2FtLFhLnSj3GiwzaQu1CTKx2LU2YC4qAQg2DLVmLXb6toW3LFDTYM7udSfncWeavfIvan0mWUe7w2nPFdAFUuVEJCgC%2F4RHUoWcCLeUb67feaxWbEVKO5CeBuicM%2FsHlLA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83f79b79bfb-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
frontend_002.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/frontend_002.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2558f8df90b3370d31e7dac6b5003c9e795c2b52a8db7fa172c4e2ce68ff171

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-115cb"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUIn50%2BKr37KFXQqAibK1C2XOqwnv2fBWi%2BiYKkiPZQGfab6NQRMaVWdmGZAWwm%2FQAI5BvMatgG6HZVM7OZW3KwTSw3H77TDnm%2FtWHNouwha2Ztskm8tMmXKqnuqF8wqip0AvUURRyjdFvY96P5M2D8dQV2QnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f83fab8f690f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
main.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/main.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-1c98"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGsNG7StRAq7fnMUzKrRnP5878xdop9KJiudFRyiZ6uHuKqes6caps1o1XVMjPFoScBocebEwo%2Fe15%2BuUPXVAY2Pjx%2FwtuD9%2FxRnYeFos9nUXFVh30wWRB0IsEWnzujj7xuja7cPDz44SXP65i6JJtkH4g3B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8406cb9993f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
frontend.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/frontend.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b991021ae67f0ba966eca14253e6a8012415cf0b20b686533feece87db2ba802

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-728"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVuJt5%2BzMxuZHW%2FLq9%2BCsChgYgo7DSWiVrJt6ieh%2FynLjvDIfrc%2F6CKFqMTeaoQHBNvgI9zaEV82VEpINHUcY818O%2FJ882y0e2ywmH0e1wt%2FFU8QcSGCoARyrMAq%2B9MhcHeEBLH3%2ByTe%2FR6L1sYzOTmM25zq2w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8407fa69bf8-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
wp-embed.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wp-embed.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-592"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOWb2W1x%2FQ0Oice0wtgX%2BKPahNyuZEtvy3iDN08TmABp4DRb23ynuz51Q1GvXac8ht7hyK3J4T3dPV7U9ZeQWUJs%2Bdk0Mu2MaJIN1OEdsphSbg8Sj8jT%2BPhcjK%2BfA4z4xcZzxHgTBMkXpNc3HA7hHcvu36KJdw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8407da69bfb-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-202115.js
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/e-202115.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-230c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecoocHm3kTJp4h%2BOqDSJN7UAoIQmALh5xAhqSgTwmvchFq2FS9MlLxLEh%2FMMZ5UQU3jB%2F69ewDAWn0CWjzT3M6EIvfLcHVGl4CnlsIbb0aHHkigpKIt9xHVIDaq9pGigwez2swz%2BewHEhMh3%2BafzyujFXlAK8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8416e9e993f-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
g.gif
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		50 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/g.gif
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-32"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6usZJdEFHImozKfqy4j%2FvSGKfRc2c7CiDbIVPOY3nPKtVSiwkIwLW62dYE%2B51zy3QQvW8krVJ9NfKpvns1%2BEhMI0mdbhqQobUikPoPGevCN%2Fx5SbuvAyAE1Rl0PRSeny%2B5%2BD6d1K2q1EfPxxEvONtM9cX3dyg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/gif
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f841692d9bfb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
50
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5051
date
Wed, 11 May 2022 08:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 11 May 2022 10:19:09 GMT
gtm.js
www.googletagmanager.com/ 		140 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQK7ZT
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1f90f27e8d7fbf7011ecdb3a8cea9346c31878feeb733c25cef1973a322f340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53841
x-xss-protection
0
last-modified
Wed, 11 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 May 2022 09:43:20 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=edc2avj&ht=tk&f=139.140.175.176&a=13090676&app=typekit&e=css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/edc2avj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5051
date
Wed, 11 May 2022 08:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 11 May 2022 10:19:09 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/edc2avj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer
http://www.heavenwindow.ru.com/
Origin
http://www.heavenwindow.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
server
nginx
etag
"852dacc5cd2685c187708b882b28635465e17bd0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32688
l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/edc2avj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer
http://www.heavenwindow.ru.com/
Origin
http://www.heavenwindow.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
server
nginx
etag
"a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33660
l
use.typekit.net/af/6aec08/00000000000000003b9b0935/27/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6aec08/00000000000000003b9b0935/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/edc2avj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629

Request headers

Referer
http://www.heavenwindow.ru.com/
Origin
http://www.heavenwindow.ru.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 09:43:20 GMT
server
nginx
etag
"98ea2e3888e90196090ca6bc7ddc5345e1871a7a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34380
click-box.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		328 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/click-box.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d8acb1d591a05de8ee50e77ce8f6872cc5cdd120125d8aa386eb31ccf98ec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1631
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
336086
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-520d6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YErtSHEARMW%2F58GuklMNr4CZR49dtDbLQDDluC8eFpUgG1bg717qMVnNYEoWhxZfCxUH3d%2FuTH%2BRL2mbbdtEN%2B2hoAr1bF6lO1F0SgrpOY%2BxLuZXrCTvfo3CQPyUf5beL37JfB6HTBEVbiO8qCakxM5jRRrZ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
7099f8406f9f9a0f-FRA
wap-megan-small.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wap-megan-small.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6abed458bcfd5c4bab5cea2f84ad8fdad9a4488ca5b949f34020f7077053bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-a5f5"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itegmEtSqH2K4G4y4RPBU5Eq3LP00pJeJx9owudZNl4vliuqMMOtcyNypcq9tcTysAADmtEs0%2B4BVXMObCsAZMWJHsue5kJ9H12Nculz9RGP7kfy0lCElYxt5xwdxdGrMHLe%2F9OcBeQHEbUczizeYjg7dnNpQg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f8417a099bf8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
42485
wap-katia-small.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wap-katia-small.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770eb583dc189fa1df3fb6e00e10b75f4b9f041efff69ab4d1748fedeed6fe45

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-ae3d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RV7BCaZK3xf%2Bt%2BlWjftP4E1LCGO4qrUSouzm3Dwf7Vnw36mim4SUKvjLVtIYZ6nhgJf0lc674%2F8JbKTEE8Z6kpwra6NPpyEFN4S2XnZLKA%2F22JSExfxP%2BAWdCyZo7n0OjqHaVsbigalK86JO%2FN8zu%2FcpQzKyBw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f841e804690f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
44605
wap-chrissy-small.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wap-chrissy-small.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13065c081312f094ed752e74f9f9fb71244f4975efdf707f57dddb7b17fa819f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-b3f3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctavETyXRhp%2Fwedc9Lv600MMn3OyLFgd4Ku17zTF01x4SCaUlsntfasTrbDV0QmcjpEm%2BgIb4Q5A09Sv4cezco%2FsvJJ9AsPxCukh6MPanqydiI%2BLfYSv9bkkh6HNCN7xIXp2mLKpPw9H%2FxyBTblqgoULXGKIog%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f841fc04691f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
46067
wap-arrow-small.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/wap-arrow-small.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58162d2e56333abc255f31af928a0710dd7814898d67b4db3be0d9bd0f811c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-849d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fz5e8LxqF1u%2FKJzb9EAjeAUgYTY8N6UzaWgqxRK57%2FEXcC9YRQbLwcCtm4NutXlekowG6b4oKefPURUAWl39jJL%2F5toOD0x0yklBYl5VPjGizJjZ83UUFN4LcBOH6cMJkrvyfqz4xZRTVfOuBm1OrHDbUc4bA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f8423af29a0f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
33949
stroke-video.jpg
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/stroke-video.jpg
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d967b9f264ca94ba53f9adfd9ab95f39e53382a418a9f739fe67b1404c1788fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
"6206a8e9-8310"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuHYLQP8ON1xcw19TOlfMHS2Q6aGpVvmCCLkDQRUrKLsqJS%2FVXdwZyKptvhRNuMVBUSikMw%2BUX%2BUloNtXEG1NNkdUbyIYbBpmlKDdW%2F4%2Bu1i5PzRqtK5UNW1RuSEUMMiiSqotQb4AaEQqV%2FyqRpa6gnOrFwIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7099f842385d993f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
33552
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=955711540&t=pageview&_s=1&dl=http%3A%2F%2Fwww.heavenwindow.ru.com%2Fclicks%2Fwts_ss2.php%3Fsid%3D967536%26h%3DsodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc%2F4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ&ul=en-us&de=UTF-8&dt=School%20Of%20Squirt%20-%20The%20Original%20%26%20Best%20Place%20To%20Learn%20About%20Squirting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1490469429&gjid=1409420136&cid=1437869826.1652262200&tid=UA-22484186-3&_gid=1998974565.1652262200&_r=1&gtm=2ou590&z=840477824
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.heavenwindow.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 May 2022 09:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.heavenwindow.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=955711540&t=pageview&_s=1&dl=http%3A%2F%2Fwww.heavenwindow.ru.com%2Fclicks%2Fwts_ss2.php%3Fsid%3D967536%26h%3DsodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc%2F4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ&ul=en-us&de=UTF-8&dt=School%20Of%20Squirt%20-%20The%20Original%20%26%20Best%20Place%20To%20Learn%20About%20Squirting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=804683232&gjid=405626767&cid=1437869826.1652262200&tid=UA-50355398-1&_gid=1998974565.1652262200&_r=1&gtm=2wg5c1WQK7ZT&z=1157189840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.heavenwindow.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 May 2022 09:43:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.heavenwindow.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1437869826.1652262200&jid=1490469429&gjid=1409420136&_gid=1998974565.1652262200&_u=YEBAAUAAAAAAAC~&z=798009158
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.heavenwindow.ru.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 May 2022 09:43:20 GMT
content-type
text/plain
access-control-allow-origin
http://www.heavenwindow.ru.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
blank.htm
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/ Frame 2A33 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank.htm
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4082fbd91490dca29de8a985204a543c3bfd77ba5adcb3062588ded44d7ac64b

Request headers

Referer
http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7099f841899f9a0f-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 11 May 2022 09:43:20 GMT
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10BBaR6tiQMWlYEzq%2Bbcnhlw%2Fmy0TGqYahxRTTaGmsBJw6wnQyW5Yn7PSgCuZpa1ksDDbam3uRS0Dnl8ZxNwc2ttWIm0PzfHfyciUM8uLA9rL2c%2Bg0nGjtbdWDjQIXL%2FUHWk7wf0rdY7Hg7t1bWzGuZTU6OlWg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
g.gif
pixel.wp.com/ 		0
0
g.gif
pixel.wp.com/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1437869826.1652262200&jid=1490469429&_u=YEBAAUAAAAAAAC~&z=1883451159
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 09:43:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1437869826.1652262200&jid=1490469429&_u=YEBAAUAAAAAAAC~&z=1883451159
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 09:43:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inject.css
www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank_data/ Frame 2A33 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank_data/inject.css
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank.htm
Protocol
HTTP/1.1
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/clicks/SquirtingSchool2_files/blank.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 09:43:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Fri, 11 Feb 2022 18:20:25 GMT
Server
cloudflare
ETag
W/"6206a8e9-f28"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8FjS5OgjkySCzymAVnytmfyMApXpD1wxy7VPfgTeHGgby1zbPJakzxeAVJSahivSj4AuBW8SLfW%2FayS%2BT2ALGVatsXukmAZSj2d0qDRPvetmgC2jIj7LnDNTpKj30w%2FVyN4EJoTkdLytvxvCt9GvvVKUDNkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7099f8425cbf9bfb-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
g.gif
pixel.wp.com/ 		50 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=64496574&post=4228&tz=1&srv=www.schoolofsquirt.com&host=www.heavenwindow.ru.com&ref=&fcp=615&rand=0.9682120301413475
Requested by
Host: www.heavenwindow.ru.com
URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ
Protocol
HTTP/1.1
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 11 May 2022 09:43:20 GMT
Cache-Control
no-cache
Server
nginx
Connection
keep-alive
Content-Length
50
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=955711540&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.heavenwindow.ru.com%2Fclicks%2Fwts_ss2.php%3Fsid%3D967536%26h%3DsodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc%2F4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ&ul=en-us&de=UTF-8&dt=School%20Of%20Squirt%20-%20The%20Original%20%26%20Best%20Place%20To%20Learn%20About%20Squirting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=http%3A%2F%2Fwww.heavenwindow.ru.com%2Fclicks%2Fwts_ss2.php%3Fsid%3D967536%26h%3DsodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc%2F4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ&_u=aGDACUABBAAAAC~&jid=&gjid=&cid=1437869826.1652262200&tid=UA-50355398-1&_gid=1998974565.1652262200&gtm=2wg5c1WQK7ZT&z=277026739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.heavenwindow.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 20:20:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
48175
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.wp.com
URL
file://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=64496574&post=4228&tz=1&srv=www.schoolofsquirt.com&host=&ref=&fcp=7006&rand=0.6457847384272682
Domain
pixel.wp.com
URL
file://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=64496574&post=4228&tz=1&srv=www.schoolofsquirt.com&host=&ref=&fcp=510&rand=0.5654239798109387

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| gtag object| dataLayer object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| gaplugins object| gaGlobal object| gaData function| generateStickyDebounce object| tocplus function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| tve_frontend_options function| _typeof object| ThriveGlobal object| TVE_jQFn object| TCB_Front function| tve_add_http function| tve_is_email function| tve_unserialize object| generatepressMenu object| tve_dash_front object| TVE_Dash undefined| __thrive_$oJ object| wp object| TL_Const object| _stq object| twemoji function| st_go function| linktracker_init object| wpcom object| tcb_autofill number| TCB_PAGE_INDEX

5 Cookies

Domain/Path Name / Value
.heavenwindow.ru.com/ Name: _gcl_au
Value: 1.1.843608800.1652262200
.heavenwindow.ru.com/ Name: _ga
Value: GA1.3.1437869826.1652262200
.heavenwindow.ru.com/ Name: _gid
Value: GA1.3.1998974565.1652262200
.heavenwindow.ru.com/ Name: _gat_gtag_UA_22484186_3
Value: 1
.heavenwindow.ru.com/ Name: _gat_UA-50355398-1
Value: 1

2 Console Messages

Source Level URL
Text
javascript error URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ(Line 282)
Message:
Not allowed to load local resource: file://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=64496574&post=4228&tz=1&srv=www.schoolofsquirt.com&host=&ref=&fcp=7006&rand=0.6457847384272682
javascript error URL: http://www.heavenwindow.ru.com/clicks/wts_ss2.php?sid=967536&h=sodFzXBUoeMWi-RaF1uCxDSumT27EJSkit3hDqDOVrc/4O3_SjDV7zjHWqJYjl-eBB7oN4bJib2Q-BxIX7DDMxxrdjYb5EchpWlLWnUosYVKSh21JoNm9maeSnx7W9JrAiKoaH2O96UR-ZlzrlHbOrkK8hzhpUP09mDsCccWIwiNq74rbvPBVACY1QMTj1s2Bg7_nrjZWXtv4EmOuM7WDCQ(Line 282)
Message:
Not allowed to load local resource: file://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=64496574&post=4228&tz=1&srv=www.schoolofsquirt.com&host=&ref=&fcp=510&rand=0.5654239798109387

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

p.typekit.net
pixel.wp.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.heavenwindow.ru.com
www.schoolofsquirt.com
pixel.wp.com
192.0.76.3
2a00:1450:4001:800::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200e
2a00:1450:400c:c0a::9d
2a02:26f0:3500:7::17d8:4dca
2a02:26f0:3500:7::17d8:4dcb
2a06:98c1:3121::a
74.121.205.60
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04fb8800b3296be9eaac9ab4f89960b4ef83dd859d987ea02f4d4fedc7f3e8ad
06748f34541eddacf70a42e4378079b1f4065b8d9b8c7f2171d4f794cd901d86
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cf678c930e404a259cde8363532ab40f706f6e79d568977775d377a40404004
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0fcb9630248f525a2dc403f5d88ad721b941306c1540dbed57a9e046b7a6ea6b
13065c081312f094ed752e74f9f9fb71244f4975efdf707f57dddb7b17fa819f
177b4773b237fa63062f913ed377e24540f843cda864a8d271c5ca083c18a9c6
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
266ffc86baa5d65a951c4c03c0ad7fff2370997fd15740e5ff7880f2719bc5a7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662
4082fbd91490dca29de8a985204a543c3bfd77ba5adcb3062588ded44d7ac64b
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
5762ee47eb3879cead15fbaae68cb177f70d4a8755ab7a0a790e61ac8a3e559e
58162d2e56333abc255f31af928a0710dd7814898d67b4db3be0d9bd0f811c29
5b29f10d6e7c79c2f7f11b0abe16a4fb45e29673dababd29a0313d72aeaa90b5
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ccef01c8b992a66a79e7ee0d1d88303bfd159a77058fc9bd8cef15af49f5aaa
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
69d8acb1d591a05de8ee50e77ce8f6872cc5cdd120125d8aa386eb31ccf98ec8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da09b4fc38a23e1e5ed617fab5bba5541664cc2f320cc477db9a7f265620368
7560ecd36878d228601d1d62c98df0580da6e2786a1228bac320148af9841fbc
770eb583dc189fa1df3fb6e00e10b75f4b9f041efff69ab4d1748fedeed6fe45
7a5a099b1cdf060a28dcd4821c3a04849e32b7e6931b6d289d4afc3324d6e15a
7ee7784d217b273bd847dcc83ca3451f76f63cc1b619805dbdb297197bb44eb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
970d7e7b687bbb122c2418af225ecc6e6d3d39057fcd9f467757462d3064f90d
9b531aa01c50f9fdb25ad05635abc3be6d858a42507c6417244d7a64063519f1
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
a0acc524b541f57df4024b039206425fbcc49c7b3cba369bc0b4a57cfc0e9629
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
b1f90f27e8d7fbf7011ecdb3a8cea9346c31878feeb733c25cef1973a322f340
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b6abed458bcfd5c4bab5cea2f84ad8fdad9a4488ca5b949f34020f7077053bb0
b991021ae67f0ba966eca14253e6a8012415cf0b20b686533feece87db2ba802
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
cab767b401880e1bff09553abc4dc5eeadf1e2fda4d793f47866784fd7703b7d
d967b9f264ca94ba53f9adfd9ab95f39e53382a418a9f739fe67b1404c1788fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2558f8df90b3370d31e7dac6b5003c9e795c2b52a8db7fa172c4e2ce68ff171
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fc3376166dd200ed0ebecad0338a2a9cefa48f34057fed2b7183cb54ab052f91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869