hebeboard.aino.pk Open in urlscan Pro
45.14.224.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hebeboard.aino.pk/
Submission: On October 09 via manual (October 9th 2021, 5:08:04 am UTC) from RO — Scanned from DE

Summary HTTP 80 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 28 domains to perform 80 HTTP transactions. The main IP is 45.14.224.146, located in Amsterdam, Netherlands and belongs to SPECTRAIP SpectraIP B.V., NL. The main domain is hebeboard.aino.pk.

This is the only time hebeboard.aino.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.14.224.146 45.14.224.146	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
4	172.67.156.75 172.67.156.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	104.21.66.8 104.21.66.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.21.40.186 104.21.40.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
4 8	104.18.5.207 104.18.5.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.104.29.90 172.104.29.90	63949 (LINODE-AP...) (LINODE-AP Linode)
11	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2 2	104.21.23.173 104.21.23.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.155.236 172.67.155.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.102.1.157 66.102.1.157	15169 (GOOGLE) (GOOGLE)
2	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
2	104.21.48.29 104.21.48.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
3	172.67.193.218 172.67.193.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.162.85.2 185.162.85.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	104.16.133.229 104.16.133.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.194.159 13.224.194.159	16509 (AMAZON-02) (AMAZON-02)
2	213.174.135.33 213.174.135.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	109.206.162.211 109.206.162.211	50245 (SERVEREL-AS) (SERVEREL-AS)
4 5	109.206.168.5 109.206.168.5	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	31.220.27.135 31.220.27.135	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	213.174.135.37 213.174.135.37	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	172.67.195.8 172.67.195.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
80	26

2 45.14.224.146 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: hosted-by.spectraip.net

hebeboard.aino.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.156.75 (United States)

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl15024262.performancetrustednetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.66.8 (None, )

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.40.186 (None, )

ASN13335 (CLOUDFLARENET, US)

counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.72 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.5.207 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

thumbs2.redgifs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com

www.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.23.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ad.jetx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.155.236 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.48.29 (None, )

ASN13335 (CLOUDFLARENET, US)

msgose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.193.218 (United States)

ASN13335 (CLOUDFLARENET, US)

1337x1.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.162.85.2 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yfetyg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.133.229 (None, )

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-159.fra2.r.cloudfront.net

d1esebcdm6wx7j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.33 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.162.211 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 211.162.serverel.net

js.cdnspace.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 109.206.168.5 (Netherlands) 4 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.168.5.serverel.net

jscdn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wideliv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.135 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.viitgb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.174.135.37 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.cdnkimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.195.8 (United States)

ASN13335 (CLOUDFLARENET, US)

reiz.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	google-analytics.com www.google-analytics.com	97 KB
8	redgifs.com 4 redirects thumbs2.redgifs.com	986 KB
8	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	10 KB
6	1337x2.xyz 1337x2.xyz	7 KB
6	googletagmanager.com 1 redirects www.googletagmanager.com	193 KB
6	supercounters.com widget.supercounters.com www.supercounters.com	7 KB
4	wideliv.com 4 redirects wideliv.com	2 KB
4	yfetyg.com yfetyg.com	943 B
3	reiz.xyz reiz.xyz	40 KB
3	wpadmngr.com js.wpadmngr.com	26 KB
3	1337x1.site 1337x1.site	3 KB
2	wmgtr.com i.wmgtr.com	34 KB
2	cloudflare.com cloudflare.com	729 B
2	github.io afarkas.github.io	7 KB
2	msgose.com msgose.com	112 KB
2	google.com www.google.com	629 B
2	doubleclick.net stats.g.doubleclick.net	530 B
2	jetx.info 2 redirects ad.jetx.info	2 KB
2	performancetrustednetwork.com pl15024262.performancetrustednetwork.com
2	aino.pk hebeboard.aino.pk	9 KB
1	cdnkimg.com i.cdnkimg.com	15 KB
1	viitgb.com 1 redirects s.viitgb.com	120 B
1	jscdn.cloud jscdn.cloud	29 KB
1	cdnspace.io js.cdnspace.io	28 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	nawpush.com na.nawpush.com	379 B
1	cloudfront.net d1esebcdm6wx7j.cloudfront.net	300 B
0	ipldekho.cyou Failed ipldekho.cyou Failed
80	28

	Domain	Requested by
11	www.google-analytics.com	counter.jdi5.com www.google-analytics.com hebeboard.aino.pk www.googletagmanager.com
8	thumbs2.redgifs.com	4 redirects hebeboard.aino.pk
6	1337x2.xyz	hebeboard.aino.pk
6	www.googletagmanager.com	1 redirects hebeboard.aino.pk 1337x2.xyz 1337x1.site
4	wideliv.com	4 redirects
4	yfetyg.com	msgose.com
4	counter.jdi5.com	hebeboard.aino.pk counter.jdi5.com
4	widget.supercounters.com	hebeboard.aino.pk widget.supercounters.com
3	reiz.xyz	srcdoc
3	js.wpadmngr.com	msgose.com js.wpadmngr.com
3	1337x1.site	afarkas.github.io 1337x2.xyz
2	i.wmgtr.com	1337x2.xyz hebeboard.aino.pk
2	cloudflare.com	msgose.com
2	afarkas.github.io	1337x2.xyz
2	msgose.com	1337x2.xyz
2	www.google.com	hebeboard.aino.pk
2	stats.g.doubleclick.net	www.google-analytics.com
2	imgcdn1.jdi5.com	hebeboard.aino.pk counter.jdi5.com
2	ad.jetx.info	2 redirects
2	www.supercounters.com	widget.supercounters.com
2	pl15024262.performancetrustednetwork.com	hebeboard.aino.pk
2	fastcdn.jdi5.com	hebeboard.aino.pk
2	hebeboard.aino.pk	hebeboard.aino.pk
1	i.cdnkimg.com	srcdoc
1	s.viitgb.com	1 redirects
1	jscdn.cloud	js.cdnspace.io
1	js.cdnspace.io	1337x1.site
1	js.wpushsdk.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	d1esebcdm6wx7j.cloudfront.net	msgose.com
0	ipldekho.cyou Failed	afarkas.github.io
80	31

This site contains links to these domains. Also see Links.

Domain
youngtube.wapka.top
camnude.chaturbate.com
topanime.mywibes.com
cutiegarden.wapka.site
ouo.io
imgview.net
imgmaze.com
www.kqzyfj.com
imgrock.net
cpmlink.net
chaturbate.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
redgifs.com Cloudflare Inc ECC CA-3	`2020-11-26` - `2021-11-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-14` - `2022-09-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.1337x1.site R3	`2021-09-29` - `2021-12-28`	3 months	crt.sh
yfetyg.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
i.wmgtr.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
na.nawpush.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
js.wpushsdk.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
cdnspace.io R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
jscdn.cloud R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
i.cdnkimg.com R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://hebeboard.aino.pk/
Frame ID: 9EF098EA4ED1E6C1D0A91A4E8CDB7F7B
Requests: 20 HTTP requests in this frame

Frame: https://1337x2.xyz/sub/54/0/
Frame ID: 43029E398B939D00F9097662603F1C42
Requests: 12 HTTP requests in this frame

Frame: http://hebeboard.aino.pk/
Frame ID: 56B880D45674C248178F7981DAA4736D
Requests: 16 HTTP requests in this frame

Frame: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
Frame ID: 7CE9E643763A7225F5C0CD7A7AED4771
Requests: 16 HTTP requests in this frame

Frame: https://1337x1.site/torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/
Frame ID: DBF8703CD6F7915A1095612166CFCB91
Requests: 7 HTTP requests in this frame

Frame: https://ipldekho.cyou/a-ads.php
Frame ID: D3F65522A9227C6C3EDACE9EAB9FD932
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/aCkBwp_Dl2g-vP-b0VELhQ6ispQm5f1Y.png
Frame ID: A8AB65E2595ADE223822EE6113F0C3AC
Requests: 1 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/tJjoCJVW2JLBdXDs41YjhyvpauvC5iY8.png
Frame ID: BB3B1A8C6E322E7F821056156F1A7EC8
Requests: 1 HTTP requests in this frame

Frame: https://i.cdnkimg.com/auto/192/image/vk/4074/74/614075c9eeea5t1631614409r9619.jpg
Frame ID: A6F9FAED81CD21E2117721A5F7BB8284
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

hebeboard.aino.pk

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

80
Requests

71 %
HTTPS

0 %
IPv6

28
Domains

31
Subdomains

26
IPs

4
Countries

1641 kB
Transfer

9209 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://youngtube.wapka.top/
Title: GUTIEGARDENS

Search URL Search Domain Scan URL

URL: http://youngtube.wapka.top/young
Title: YUONGTUBE

Search URL Search Domain Scan URL

URL: http://camnude.chaturbate.com/
Title: TEEN GIRLS

Search URL Search Domain Scan URL

URL: http://topanime.mywibes.com/
Title: 180chan

Search URL Search Domain Scan URL

URL: http://cutiegarden.wapka.site/
Title: 155chan

Search URL Search Domain Scan URL

URL: http://ouo.io/srTOTG
Title: HostGator Web Hosting

Search URL Search Domain Scan URL

URL: http://imgview.net/0ovl2x75bqwq/AmourAngels-0002.jpg.html
Title: FREE Web Masha Babko

Search URL Search Domain Scan URL

URL: http://imgmaze.com/c0ddbtxvflqz/16h8byp.jpg.html
Title: 100TB VIDEO GIrls

Search URL Search Domain Scan URL

URL: http://www.kqzyfj.com/click-1853554-11768630
Title: XXX Hosting

Search URL Search Domain Scan URL

URL: http://imgrock.net/cdksl217xnz1/001.jpg.html
Title: TEEN Hosting

Search URL Search Domain Scan URL

URL: http://cpmlink.net/ibdpAQ
Title: siberian mouses

Search URL Search Domain Scan URL

URL: http://chaturbate.com/accounts/model_register/?tour=NwNd&disable_sound=0&campaign=ldZ4M
Title: REGISTRATION MODEL

Search URL Search Domain Scan URL

URL: http://camnude.chaturbate.com/accounts/register/
Title: REGISTRATION USER

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15 HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Request Chain 5

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Request Chain 6

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Request Chain 10

http://ad.jetx.info/red2.php?rand=wF273383e470041b80e245db20c410fcba&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 22

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15 HTTP 307
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Request Chain 28

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

Request Chain 29

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4 HTTP 301
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

Request Chain 33

http://ad.jetx.info/red2.php?rand=wF273383e470041b80e245db20c410fcba&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 73

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=a29094e2b9ccb4c51188b373&nid=1&sid=%2FZTO0fBhL2z4LZBg6RxDKo5BqRv1ioVlkXBBkJDXJfLScDpkaKe2gztYOac8zIrCBlHBcXVAbe8%2Bltl1%2FnXFrQpKr8NiOlp5AwQJA%2FCYFTP0hbKqYoCHjFdznV9OlvyGIVnwJ8YfebkqYotLdztggBlL7wLpy%2B9GQJ%2FbfMQAMmKdAuvOKJHTqTS9vBU%2FSRG1HvW%2F9NHxM1MFoEPKF1tNVqOmmdTEDk%2BSOXCKDcp4KGStqGgujl78XDF1kpLINAjoqaGrAEJWJ%2BlEuNSElB7RhFFmxZ8Zno2Mz2EIF3dMxQH7vtra2WhDABxVCyKEJ8XrjFf6rDUQ%2FpuNecIU69%2F7aKuakfxascgycpbG5iN%2F2101WJe9bs78%2BwVQf0eh%2FS7Rv3tHeQUD3aM0%2BRCXNtas27deC6BePG3X161gUGud1AhpmUGK0qeSaLpV9iX8JBrUGJY3nfIv7DOy29EELtmjMY%2FSN3NAkkiL0PdnFTKDsplwIsYV2He8GZcp8OMbxgnyYM%2FwMaqAcUFCra8KMIg5qCxSw1gYhlTe2rw9nSo%2BWlpYoiTbg0av8bcArFHFSuTVlPnPRqiO8ftgoRCt7%2Ffn%2FpDplfjrdDHFMe6ar1%2BvsnVDLkJexgod3dGu10oYY41T%2Bi9PwLRIf5JJIjO3ihgRgeEuCbOpobLM082LyPRJmlcPLPVL1qnoUFAmbKUXUfZE9pQg5jVicd6kCea5f1j9qB5Pdl2Fhdu0LXvkR1c7qsQr66Sey%2B6EqUA8bPU48j%2BTz5KL6tPoPLDsWys8knbiZ9nw7K6tcyKiqoLLOuZ3%2F4RrCBHjYqhfH%2B%2FFh59OIzEgnDgOIM3DiUxLyCIZs5Z56vGm4zclOvkhVhBELdOLzx1Sovw6tsdbeoSgp4V7D2s9HVcssYHavZZJmmZUJMOVWWDSOcaJsebPBZ9JGJHH43KGdbuSUxbU%2FJnNfhM%2B0MrEYvnTsnl2mn3oAOZhsv2ui7Ze44x%2BOBXg5YF0c3dSBrCL8MVw2TaSTGg0F7ee5zseQkMkNarigC3bKM5pKYkacDVcYh8Ivsqh7gfVGVeF5nXp%2BH4%2FHapgcLf3o3bTl2Sbh4903UR8zSh2pIsji2SuOP50eGfPw8jNw5UuiGXGTvqnM9BehI5y6iK8MaxicXWzeOI0N4awIyt3pRyRmZ4D3feH8WMdJPDjTExgWdrnlRAxx0I4mm%2Bp3OrSlSgjPNktQF11SeNkMqyyGXeBJyVqH%2BrxMfOSw8j1Kqljxei64EaX7lkx1z94i2hMylfhgqtJn4bPBF8zjR%2FaHLvOfR%2FXPAoa9fgJLdv51q3mmE2Rlic42e%2FHj1Y6rtRwjIsh7JBLr8a8UmFDxQDhHGhpHA%2Fvon%2FQ5n7fbgvSdwv3jPtfQiSxHXtK9cJ92xdQO2eac5lj7ib9WKTCbAZPJ76%2BVL6Lj0kCLJ62iUfD%2Be4Y66SYx4hGvUUNIm2QRDyd5oxTm64E7xGgS4SCcGr7dxedWOlwPt%2FM8x%2BCsN6KIHZPotIux31IiOja3o2j2izFL8bseWxFGa6Gg3zVEK5ebavsQQu95odSwGWY1sJMNX9XQ3V2yqrM03yOdsFO20LkZic0Wkwmc0DGX5Y4PxxLPXHKs9ZxI8tpm73nxwLJfL0csQ%2BB5dwX6eoo49%2F7cLS1tkkMsG2Jdh1S7ktvRFW3SzO308qa2UiG5%2BboMxD%2FfWeWdeLxl0yyoAqyFDq%2Bz4qHUtlD8cwqqo%2BiMCArNlTbxsQNUT%2FbIKbqGDPwbvbqmfLrXtHsuiIp92U9Eh0EDGuzmH89MystkOPj2tEAAFJDnG1VIuR%2ByEADBDRfGuZZKtjqXyUnkH2Vg6wBzMhTML707Xppfm7k2IY0wKR8s44sDTjQNM4Nsu3vc8sTFkn9%2F32eEID2WmY2XKdL5M88YwL73eTnKxoZirv6hCrwIfXpB93vFexovsj8Vwqdj2MWbgPtPd1AD1Kf8yvDpyHSmRe%2FefMP5w7tEhdeE1cFnKpkG9FAoWDO42UDP8EI3fUhEljNOBIxCzQSyhJN%2F2RjWjjfx4LRFVVgdwUL2LPmFUqGAgBLP4dBYlwV%2BuOCcMxOEo9HNkm7ewspVwOnHgaapI1kFxYt7ZAFOG7n%2FN50pxEtUttQ4F6CYxoRyQR190cBzHcibeo6HA7M0LCZ%2FKh0VW6HMLazNty0Jh4wvN%2FFwyk3jQs%2BtWt7GxN3dvrcVDflfTwmiSUK5s2ABd5yPgEj%2Bkbjkx2tMcSoEFTGAdbI2BO7J53RA7zIDKHa1%2BBzuWFhOpK52RBW2AKU2W95rFHWkfsmAectgUJ9vTReYjoaKmjyBYHACnv0rSJGU71CyQIevaPOxKjzh7YlStl13pFxu9gri5WpVbsN1CZPPujOS8MtvYj3W9LuzZcOyxvr8N25xtNQYyD46%2FSIv%2BVx7FbKULOWZ9FSv37PcvgICexIBKQrNztfTSMi8ADdgjX9KRdWWK2EO9%2BHs1U7QIS7rwayzy3CoEhWAU543TZxRuz3cyTrLYywOlySbp6ZohKYzoemI4LtQeyvV0%2BNDQ9DVIDgjWlsRlYjAbIsULzQUalgG5Ljq%2F3NeFu6v%2FDEaRffNz1G%2FturBpYNu37Gk9FgjeWvW6BGb6K2wlEAq3k1mJZJ5jn0L%2FEJCq6mEbHoQxiq179eIBI%2BICWyfP2%2BnJLOv4lPUr9JkbZNuiX9llIi6cy%2Baez0B%2FEBGymlYCC84nXRiXuBjWGjq%2F0oTXPb4BhB4FJ9QymVNZ1wB%2F2%2Fwbr2ARG7JbZM3OiEwj6TYpQg%2Fi0SzsFu99lU9xJRH3vSMhNZv3g&ts=1633756082&ttl=1800&v=v4.3.4 HTTP 302
https://s.viitgb.com/nurl/590/nnme43dhbf7v4adhlvgfiycnmbra67lrwolvy26ax7vk5kohw2lm2v37j5mvqke2kzqfccmqwtsil7mjyduhiuh3v23n2sj34g2plec7icqg5ocxdzbzx3gmkzfcm6djgjla7kq3erdrzoz7gbutevspjnq2ar6ukm44c2byyzhlh4kyzbk67qcw2ezyorelmcvmjycq6vel6i6xowpgagzo6vu52sdd4x2xji3aj2cvkpiuynjzuv3q7nqfhqcvb7yercarqzhedokrtotzprslrez3lpeot5jjavktzjeguzyfbpbggikfl2czwommbxde2swlkj5qcal47fvyffpexwok7b5lvu4yw2y2l5huwyiqtexcmb2yk44idtb6ca5uozcgabosqdc4tdebiiitnmbtqsljgjle7o26tb5cjab2jgytavnpjhblfwthxi5f3yzrlz6s6u3edzqwawozniz7mtfcm34hwvpchna5cmmlrd4wbed3u35yssezgge4ri6dkl5fawou2nvdcun62frn3wsxyi6ny25kkjhowzpcx7inspxbnuz6ms7kr3bift6cqbf5cnxgrtqjplmhvow4osa=?1=1&data[]=16337560823492237809479204&v[]=2978295338&f=https%3A%2F%2Fi.cdnkimg.com%2Fauto%2F192%2Fimage%2Fvk%2F4074%2F74%2F614075c9eeea5t1631614409r9619.jpg HTTP 302
https://i.cdnkimg.com/auto/192/image/vk/4074/74/614075c9eeea5t1631614409r9619.jpg

Request Chain 74

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=4759a1b9c0f93abed932ce09&nid=1&sid=54QnkA4kuag9hnjNwxv5EYHJagZ9YMy%2Ftch%2BEcELevhNCkDQdRTym1uARpxxS1UTjX9AhnY5Ttd5Zjumh%2FRLHXv3ez3Pmq1K7YspjoYfuTJ5KrhzsvJvXGrZ8XXrvK9zhpULrrDph7k%2Fofx%2FU0zmHRM1rnXZClzovhFHW%2FJuLkMDqvI6DkIo5n3nOsw0KtEGC3b9D5G7K0BX6NhaZvHbHJBDb8aTBOmQt4MDCl10G%2BhleULe7MwYeS2ozMNtSeCwPy%2FLp2Pj9nDDJWHdo2JfUz1qMM1QYxBMGaecgZElw1ZoBnSa1MwmH%2Fne7z4gPVLrvNNjuM57BUNzksAoeTXk8VF8VM2UOifvT50joufQXiHZ6lwWS0suUST2ZtGMF%2FIuiFsx8HsF7dPsEM4CzPxs%2F37D%2FLj0bK99XbNMY7EGsoC%2B6iSqPn17FdZtf8MqZ648JwtcEhbw%2F2bFuBjcL7bDVrtFKOsr1rdE53AaYTIexI9NaTtQmrnl1djxvJGJsp8Yo7nPA2lJUJQkO9mNbqOUyVKpDAuMZjZCi0EI0CUH6tMnlBF8tb6lcG97xsGN5NCTBsCHE1oZTaWimV2elYpag8TNiqW0CI5KZvYPxJUzpz1sOYCqibNuMmB0q1lGlRrlEj1133ii7uo00APN3Bm2p5Fsew82G7vCher%2FFUANEcb1hTrJf0odSNdxaDZrgdClyQOIFNWNstzKnOshgnGrw2p%2FQN3i5fe%2Fd1xOFJ5siTuXXZjSFgQYFHxKkmNndCNsKVUL0vFCXEL%2Fd4GF1V%2Bbi8NdCztcP%2FRHiajFGvQsbl%2F1vmiWw15v2KvMvGpfYY93fbxFQYvuGWcbrPlyCU51k81de2MNLRWRmDUejc0V5oChMsPJJFDlUkImTggt4F4uiNmziyUvTmjX7eAjQ5QnFFVq9Vc3nVdUfp1XGkAy846KpbuNyrHjesFlVGAIPzNjSNr8mophgyedxOl6QBY0DlFh8qxv6RnkZ%2FYmQgD%2BGFWzzWHVd8y%2FSEn38vAlHhGjbGBFtw%2FSyVemDQWzHOhzTxZwsDI0cPtk9ACjGynKqhDCFzvdKDUVidTy5BtzKUrNp%2F397pmHRqAC5EKLKv3e6WOJFxa%2FTnCdcZPcK%2FcZxG%2Bnk%2BESaqgrfYJAJXJA%2F4UfqiO30ipTddwtEpty3v7Vb10gXYJVUiVEp9EsX4kqMaWlZGLHBzV3w5sCZrVpz17FfMmZRKzkHfM90UQ0zuKp8yY1tDS53IR9eBDM5wW30yplJNWQkJ6Oc4W9yWR5q27crppdCByub6Ksn3feuKRygaTQyw%2Bppp07hZMHidPO10QZhaSBXUbV1%2Bq%2FaOPuLmIt7kMyS%2BXLdxe7r7bAlMVjKfAb56v%2FigvJRD4ARGxqpcclbE1033br36b5yJEQR3u95kV6AVUA4y1Z4Xzkh8yHOtsaXvShxa2KhGVSrO97X8UNP%2FzQvxMFa0kWoXE1gd4%2FjPXQPyp2Ix90wKjtK209bClQs0Y5L3bmCbBT4mDoc46s3k9d6nWk4WwQCYqThGy9q5AE6bj13As1Jph1S4ShOGcqvp3jWIeT3lmr%2BvF%2B7hIdWqAt6kC4LrMsdhmQsENYC%2BvkczEKK3V09vubSxUBzIc33qVd9n%2BwNdbecFEUcHoHHSqyVxr3j4cxarI6g4oKjTkBu0ltTxwAar3ZtKlvbmMHSaflWoBsWcSSnDV10T%2B%2BsGYw2MINugwLZwtMIIAgYuKFy9q3D3KApGDle42eFp41hKZOnz0coJxylX5P4n%2FR2kbOfCYP6lG9AX8QQBmoIMQI%2BRFTi%2BE6BPu1MOZU4oVU6YLF%2B2BTNhHDEaKvI8ne98DB%2FxUE%2F5SXvsHQKdZkwd0h9sF8yg&ts=1633756082&ttl=1800&v=v4.3.4 HTTP 302
https://reiz.xyz/8xCM9hXcvvfS0AuoKBMCo8RJBdDgjbo3HxMijDjj.png

Request Chain 75

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=ee22632627bcb829820cd418&nid=1&sid=FnoxTdFNi3ZetY%2F6jdH1%2ByRYRKFvSzuemJWOPVnRcjxUES3oNOAfuGU2diTvk7KDNhJOK%2F84qyVD9dyBetuYhIL6y099%2FYf9ezmklt4Ccu6J6ayPdO9hj5TsOARfvP0RafQWvglp5pKCQrmW5HEgAveQhuUliZsyCmDs80YoXGBgD5%2FtcWQ7wc%2BQBmA41Sg9GWfcLf9rNsNa0tng1itUwZv3K7cOPqfMlO3rdaCmprqv7TUEjZW3%2FL%2BhYQfgdEmJTjIbRUNyXXyHF73kk54wIFFcTxG9maPMITPGno2ru2L291EiCqwfOSBJ9gmPLp63pjyqNjF%2FXy2Px%2Bs3D73EKQD6NBWetFsWDGoe0xzpNKdy4kXyMhyuQ5zNqXRxMyLelAIPK%2BIbkGOXtROG7Rw%2FZ9giNn%2FmuBn%2FGEowNWD5kx7yvEio983THYfAsw3A2Jbdz%2BZmhFfDZ3eQ2xuWCS3biqilOn02%2Fi3YqXPodWB2g3jQJdiDlbjrcxlH0I%2Buzo1d5wAeQu6PWmbkI36W6BqK6kl2LXE5IJ4oPqLN87QI%2FGgT4GRA1pyujLHUTQgfZ8IUhZVV8o%2BUcrtUpxfsjy9yZnMBYuma3TpINwxPrwi0MMZv7ULUWZ8ZWtYCYPRzXzKrHVEZgTkCe6J4X5cJ0Tbx4CA5Czlfw5Zoc2gC72TwQ1y2%2BX7K7gDnj34VpJ%2BJkXAOHTuef13uicqVNpbX2wDBtOfUMNKy40LNrYjV2JaHuVOcApgc2V1Z%2Fmd96owgIMq56xFfR1DKZFIrjA%2BiULxwjUzp5sop8yERzLM11Y9jmJ%2B18kFFqpyx6w7bNItzMEk8XtYdqPX4qdRkbYbxOX%2FeJzTUQo1flcJPeA%2FmTBK2xCdguEHniZo0tqbtr5DogKm5bvKmUOVDBlBsBDgYgeM7cxHqrviHbxRFstHsXOjUaeb5ISp1c0fw7gNcGN2B0F%2FuUm3NCcq5i4mLjiv7YYrvL%2BCSXSgXDgHNKbAjADafr3p25uUnK9KAdvasyJag5epmR3In6212Wk6w0rAyqw%2F%2FPbhn4IhE6TREJ%2Fh7XYoWsZSNbRRKX8XVKnUIxVpk7EIXGrBB6%2FJtfxoDuz6sWJezqI9a1D%2BJfdwNHEKtSaYQoAFyITm4SHiaCxJtp0UwrHwcogNO1qT%2FtA1GSUQCtV8bnGScgQE9q%2BRtSfEafMahxdPe39l%2Btjr7bzMYYUH78jmvpwklyWjmbql2jZvgd7GaE8ln5v%2BDQKTdGvN8ak5IUFGoLUbmM6Yv3yd2s%2B%2BTdX1t9LRVcwQLxQeKD3jNbGGa5Vy5mm3Z9gdIpKGwNmojt7lh97n25krWMOgZduI6eQYf5wXZ%2FP3Qk3GkV%2FNLgcHW5rn3bFyx2KPPkmkIXlagXgBnmY41QW0qCgaaPgsmOk1kOHlictk%2BsDL%2Bh%2BWDWL64yWqN42ZcjlVA8TY5J%2FAVNFLd71TUupiCMARwmKcKC5QvA0OZBcXZCrkzXH8mdP7qrp2Bf207NWzHbN3uEOy%2B1BvUS4vxBlRi%2BkBvx7pUDPGDEPifte4%2BDH8xdx8BzouiBmtSgqlMfLldRYZS41Y7hSQSl7Nl6DwIQXL3pFf2xebyX1NZmg3Wl%2BGU4LKXw0EHu1UxnJ4AWJqf5SlBqQ0QNi8IE2TXeY2ZcJ8aud5KORnGeYvIKvUsm8S5S9FxMWaUYsy%2Bwf6Pk%2Bgs17lry3oEdPVVdBgi2XCpwagJOUlTZSdmIx%2FSkB5hVwsjuTo6B4fh5LyZ%2BqbgORbWovcDSVMS45ZWVDnc37X2aDfnPnMy%2Bk%2Fqlk%2BvXOuma9B8VkIBkosmIguwFBYXbixpssAETEMsRmJIVHaw3oacg4htarmnCZwPP0rALb0NXg&ts=1633756082&ttl=1800&v=v4.3.4 HTTP 302
https://reiz.xyz/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png

Request Chain 76

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=07384d981006519efd6f47cc&nid=1&sid=UoGOLayNsXndD%2BgTM6JPFbjfsT%2FJGF3CJkEqnQpla294R62u%2BMzCQXT%2FpkqfFxW2rCFr%2BDCi59WlQH8RgkIQAUJNKqxY54vx2up7g326DKgZSUk404RCnSme2aEhNVpB8fSsq70tTpYLu0MQVRjZV%2BiAnPntXB93OEaE2ILXAqt%2BDC3%2BitOMwRjo9Pl1mEOJ%2FFYWEjhhe2zkVyMNYJurt6MeZ4A6Zcb%2BE1GAYLSmVo%2BbX09c9r4xzHgb8bCcr97gTVp2Wg%2BajNTMUScrwLKG%2FzDM9d5v42Y1PjsHRubPv5vc9gLV3W3yNPawYIAmWytbP25PCi9l%2FpOQg89reRia9aMcZ%2FT%2FPQgRU%2Bx%2BlYabnB2TtLPGl5nfgFtKq1BX%2FKR%2FYduj1HBjTsB0ROj8OMC6ZkeG88gRtQau6DHD6gMxm9OX%2BeZUNb%2B0KUJ%2FHgSiu7yRJ6InbyZXLmgDP9haRaSNcZ7u8lMbx0IGeKUdw%2FFarTh12SWtbiVC0H03NgjylrepcgznCc7bf011NjWWk%2BiaCwiFBYUiGTYWu1I3XS4T%2BPQQuSZMOFWYEynnkSnGKfihfm5DSY09AuF7Sqyjea6FussOoNY11%2FW9UgQ8TLDdlOVWzW0tuUAKFo3cbat5Ydg5GA959%2BfTm3tOGK7kEOmNJAU7wcQpTeaydyi7n%2BBkOvZ8XqFnEOtOZdu97oEkzZh9pzxKjJ%2BkA2QWQXKBev2bJhllX3OXH%2F5p6I2FIy1Yr1BT5Xq7jABBqMj78YRfpMrtM8mY6ZYmQGoQ%2F8HFsJs3E%2BAQ5kVElp0Cxb4vZ19Wpio6wDozS6VZLwS%2F0Z4ISxRry4%2FW95QfI2UryEJ7ef%2Bmrxls%2FMkqS048R1%2Bdf%2BivJa4V3sli3SNL5U8LQLcygghCqfFDutZOvKZGfX6T0v5i7Wy8LlyrdqrYQYaJEWCvbZNmd1ykpz5NLu0neSb3CjaAfHWZUrtQkTgmmUI2b7Fh6onuK65P2MpCCb1QBfDj3aYTV8cxgfe9RyejwElqgv8ZnDnlOst9%2BFgm45kERXV8CghxUi%2FZ99wpaJ20skp%2FTw2WOjo%2F2v8jsTaoOtcPp2DaOW%2Bkq6Rg0KrfW8IGjCj0Z3K8RApdlPyttBJTUUY1v1v5cPjFa7RFpl4254ocpvRUYnf066xCYF9mdiB2uz05wDk1wZbNQCnoMYJgKTU1qsRhAT5iOHY92SibzxKDinRDHR%2F8eJVL3LVEm9%2BZJ1I9%2F7WfZyAjQwU0GdCt20pZHZ%2B%2Fb35gTrt5K9DlUzXy5HGFTN9oZxcn3S1%2FrzRhp0FJHte5bRTmIp3p6BetqER%2FOzGpYuzEQvMMpwv72pDfgSgQCcWHGED8QAlSMGYKEdj7dIiqXnDf3edbI3jepK9weIN7LSfz8AbcAOg5gU9mdRnP%2BPYgjBnhcCTWOvGgwE%2BToO4QAwYs8BG3Koggd4BSEGeKRBm7TXcv8pXH0SldD5Ttzh%2Fdsa0wj2iL7WHOo67mO5S1CQvA1Uh8RFovBawpQXMfGDtXV3IOfx5rCdiUShVIT2v5ydaKj5uRxNcZZvljgAHv8QLUyIK5kFhYNrnazlAMBqWqg6nsx9BIDYnjGEP0YM3U48ppDJBgMD8QTRRD8ZeQOLkSI6vH4R0McLrZMIuwd8HjRRydiHB%2FQXnBoJKk5S7kdVxMBYtrYtOmA4LDaW2h0DmJ61rcYKFx1hbg9cHT%2BryU%2BOpasEPbRWdLwS%2F7r6FlGvyX1HwolCcatQ39GokuL1CAJ5AgWHCViByD%2B8%2BUAj3BNPanHyaYSxrSPP3NO4gsOcNTXBkuT1rzEzP79vqoZeH1ERbd%2FPqMzOGxvSavZpgbqLusaATIoMnm%2B1YjkpCH53CAXw&ts=1633756082&ttl=1800&v=v4.3.4 HTTP 302
https://reiz.xyz/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png

80 HTTP transactions
-2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
hebeboard.aino.pk/ 13 KB
4 KB 99ms
77ms Document
text/html 45.14.224.146
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL

http://hebeboard.aino.pk/

Protocol

HTTP/1.1

Server

45.14.224.146 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),

Reverse DNS

hosted-by.spectraip.net

Software

nginx /

Resource Hash

e60edfe588763b98624f9ffdeb2fe4ac194bfafb79bde9609d3b58f54ae6218e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: hebeboard.aino.pk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding Accept-Encoding
Set-Cookie: hebeboard_aino_pk=94e6d4e6db142269d2949778617ca98d; path=/; domain=hebeboard.aino.pk
Expires: Sat, 09 Oct 2021 05:11:33 GMT
Cache-Control: public
Pragma: no-cache
Last-Modified: Sat, 09 Oct 2021 05:01:33 GMT
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
fastcdn.jdi5.com/css/hebeboard.aino.pk/ 0
825 B 173ms
153ms Stylesheet
text/css 172.67.156.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fastcdn.jdi5.com/css/hebeboard.aino.pk/style.css
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 172.67.156.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 09 Oct 2021 00:14:14 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.0RC6
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXLzYHyxN5WcJFv7jF4eps7t5yfQbvxvL8u7sCaRzI1sJAdfe03oXSSyqzSmLol73YRStDs6CJeVOvVRXae0qpYUqnVlS4etwaiqhQqxMk0O%2BqECCj4G5xCmw4dkfxwuvKnC"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69b516a77d1c4137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 403
Forbidden 924a493b70390a3b05cf6950985a02a2.js
pl15024262.performancetrustednetwork.com/92/4a/49/ 0
0 191ms
94ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK online_i.js Show response
widget.supercounters.com/ssl/ 4 KB
2 KB 45ms
27ms Script
application/javascript 104.21.66.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/online_i.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1538
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified: Tue, 11 Jul 2017 06:49:04 GMT
Server: cloudflare
ETag: W/"596474e0-109e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxVHCTwJEYQry8itP5a8t1bRTdjHtMdw8OqiprD3KOK6kfR32pyE7ZN7GianRJ9sQjrwuZghn9nkzjTqYkMktEiTRIKkzQyalwzrFrhwsBu%2BdgUq9sJiM3yQqrLVHD5IJA4hOoFLr31uISs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 69b516a77ac1f9de-PRG

GET
H/1.1 200
OK online.js Show response
counter.jdi5.com/ 3 KB
2 KB 46ms
23ms Script
application/javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/online.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14600132
Cf-Polished: origSize=4463
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified: Fri, 19 Mar 2021 16:57:56 GMT
Server: cloudflare
ETag: W/"6054d814-116f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ8o%2Fvyvwstsu09uxepI0yOa1dWu4cVoftnacln4crL%2B7hH%2FpYpiGDQ5xCyWd4He2pYk0%2F5FEcB0U%2F5pgbxnOi4P6Ze%2FvMM1FjT8ZCLC%2FFYRHBExaYakmh8dmkJTMAOGJ8FJ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-RAY: 69b516a78ad84108-PRG
Cf-Bgj: minify

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

97 KB
39 KB

61ms
26ms

Script
application/javascript

142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

abc2606b799fc42ee9f7c59590f0e3a7fc8f9db56c476002bcdfd3f06d0622d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39242
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Oct 2021 05:07:59 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Date: Sat, 09 Oct 2021 05:07:59 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2

206

CookedLawfulBullmastiff-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

492 KB
492 KB

30ms
24ms

Media
video/mp4

104.18.5.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Toilet Tissue
Resource Hash: 53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 14589180
x-powered-by: Toilet Tissue
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-503431/503432
cache-control: public, max-age=31536000
cf-ray: 69b516a8eaa24e97-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 503432
expires: Sun, 09 Oct 2022 05:07:59 GMT

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69b516a8bdaa4aaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires: Sat, 09 Oct 2021 06:07:59 GMT

GET
H2

206

ThirstyDeterminedGopher-mobile.mp4
thumbs2.redgifs.com/
Redirect Chain

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

3 MB
0

33ms
17ms

Media
video/mp4

104.18.5.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.5.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Toilet Tissue
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 14577621
x-powered-by: Toilet Tissue
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-5741364/5741365
cache-control: public, max-age=31536000
cf-ray: 69b516a8eaa04e97-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 5741365
expires: Sun, 09 Oct 2022 05:07:59 GMT

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69b516a8bb2a4e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires: Sat, 09 Oct 2021 06:07:59 GMT

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ 29 B
280 B 179ms
90ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=&url=http%3A%2F%2Fhebeboard.aino.pk%2F&sw=1600&sh=1200&rand=7
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 15f7a149c6466594513c6f6943894406cba7ea783dd9d2fa64ababb9482dc1a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 58ms
16ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4013
date: Sat, 09 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 06:01:06 GMT

GET
H/1.1 200
OK fc.php Show response
counter.jdi5.com/ 49 B
761 B 98ms
98ms Script
application/x-javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/fc.php?id=3f6b3baf7b59a93f71be44e4c77940b2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=&pn=http%3A%2F%2Fhebeboard.aino.pk%2F&wh=1600x1200&rand=0
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777f02f0cd48d7beef23da311bce41f5763da9805e9093eac530c96b24858d37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FN331RvPqE8AgYSyaAdv8vtgpFefb1jj2DgNbl%2BzDW780iRNx5188%2F5v%2Ff6axqRj8Pw6U%2BTKclq83qJ%2BK0xGIaqGFgLPF%2FSVMXaYcvXQ2OCXZ7v2fagECnbfq0x78IAGQr1"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Connection: keep-alive
CF-RAY: 69b516a8bb2e4108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

submit.php Show response
1337x2.xyz/ Frame 4302
Redirect Chain

http://ad.jetx.info/red2.php?rand=wF273383e470041b80e245db20c410fcba&id=27
https://1337x2.xyz/submit.php

345 B
741 B

94ms
38ms

Document
text/html

172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

:method: GET
:authority: 1337x2.xyz
:scheme: https
:path: /submit.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hebeboard.aino.pk/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUkqp5JlhgWKzeVIc24hU4Nc2LIrFjFLpRODXJjdhFJ8wqt4Y1P6a80dqbEnGq4TzImfhc5MHRhjo0JJLoM1DnFxU6f%2F3HjPl9e4pwHqxCR1xfXjfUAGOP4hEA3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516a97d6e4125-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=39oo4ons9e47p0m6jonar2tda0; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: https://1337x2.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNOwki9z54AYUy1S1kWiPuX8mahKH9MKh8gbI1I3%2BV91FHNZqQzfagFHVs39omsIi%2BPInSY92kBmk0le%2FA4zj6Q%2F%2BddHOe9tWWyER2wS9fEJBWCP4B%2BwqM11CsRRNzU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69b516a8cdc2536a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK / Show response
hebeboard.aino.pk/ Frame 56B8 13 KB
4 KB 156ms
156ms Document
text/html 45.14.224.146
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL

http://hebeboard.aino.pk/

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

HTTP/1.1

Server

45.14.224.146 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),

Reverse DNS

hosted-by.spectraip.net

Software

nginx /

Resource Hash

df0784e940a1307c17c93bbaacfaea21e273f54bb9eea02ff6f7fe08465c0c1e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: hebeboard.aino.pk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://hebeboard.aino.pk/
Accept-Encoding: gzip, deflate
Cookie: hebeboard_aino_pk=94e6d4e6db142269d2949778617ca98d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

Server: nginx
Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding Accept-Encoding
Expires: Sat, 09 Oct 2021 05:11:33 GMT
Cache-Control: public
Pragma: no-cache
Last-Modified: Sat, 09 Oct 2021 05:01:33 GMT
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
148 B 37ms
36ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=729347849&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=809621166&gjid=1474681241&cid=1839467852.1633756080&tid=UA-46789381-10&_gid=1115146201.1633756080&_r=1&_slc=1&z=95658153

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 05:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 34ms
34ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=729347849&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1400986490&gjid=396513289&cid=1839467852.1633756080&tid=UA-46789381-15&_gid=1115146201.1633756080&_r=1&gtm=2oua60&z=1713951935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 05:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 28ms
27ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=729347849&t=event&_s=2&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=hebeboard.aino.pk&ea=hebeboard.aino.pk&el=hebeboard.aino.pk&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1839467852.1633756080&tid=UA-46789381-15&_gid=1115146201.1633756080&gtm=2oua60&cg1=hebeboard.aino.pk&z=1697306229

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 08:46:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73265
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK FF0000.png
imgcdn1.jdi5.com/img/ 128 B
960 B 57ms
23ms Image
image/png 172.67.156.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 172.67.156.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14592768
X-Powered-By: PHP/5.6.40
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 128
Last-Modified: Fri, 23 Apr 2021 07:35:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5YmAR7zscpUyNsvlZzM6oab3h9Dr0jnSgEJDiSVOcWxh%2Bqe%2F1foxi%2FD9uIv0m0iUx7N9GHfKlcD%2FKgroju%2FlMcjBfYX5iFeHTSF3tSUHipB3FytMFY0GfwbKBiOSclCHOm1"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 69b516a9894ff9e2-PRG
Expires: Sat, 23 Apr 2022 07:35:11 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
462 B 56ms
14ms XHR
text/plain 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-46789381-10&cid=1839467852.1633756080&jid=809621166&gjid=1474681241&_gid=1115146201.1633756080&_u=IEBAAEAAAAAAAC~&z=778815123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 55ms
15ms XHR
text/plain 66.102.1.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-46789381-15&cid=1839467852.1633756080&jid=1400986490&gjid=396513289&_gid=1115146201.1633756080&_u=YEDAAUABAAAAAC~&z=1058968310

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK style.css
fastcdn.jdi5.com/css/hebeboard.aino.pk/ Frame 56B8 0
849 B 16ms
16ms Stylesheet
text/css 172.67.156.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fastcdn.jdi5.com/css/hebeboard.aino.pk/style.css
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 172.67.156.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 0
x-powered-by: PHP/7.4.0RC6
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified: Sat, 09 Oct 2021 05:07:59 GMT
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBNI2BhWlInaiF%2FDaZ0ipS3X3keYXqJQK7C7N9IipT1rVZuML%2Fei4IQlehzQqaGy0fFLssebCxIJIwgYb1rYkIhkKpPDC1L09JwrFoOiWcoord3IVpqjRF%2BQnbnUvdAtn6Ag"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=14400
CF-RAY: 69b516a9ddde4137-PRG
Cf-Bgj: minify

GET
H/1.1 403
Forbidden 924a493b70390a3b05cf6950985a02a2.js
pl15024262.performancetrustednetwork.com/92/4a/49/ Frame 56B8 0
0 94ms
92ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK online_i.js Show response
widget.supercounters.com/ssl/ Frame 56B8 4 KB
2 KB 26ms
23ms Script
application/javascript 104.21.66.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.supercounters.com/ssl/online_i.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1538
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified: Tue, 11 Jul 2017 06:49:04 GMT
Server: cloudflare
ETag: W/"596474e0-109e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XinTszOGSs08el2w5LhsSry1RS%2BSSwBEJETT2wpBRpcC2VPpY9KHCThFBvcaJ6f7uokXNVENCleuSqDi57%2Ftic6ctQuj%2Bcg8sWMrsulMhCere0tNb%2FfHfGxwz0auKr8TuSt7VLoTCpHMkSA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 69b516a9db62f9de-PRG

GET
H/1.1 200
OK online.js Show response
counter.jdi5.com/ Frame 56B8 3 KB
2 KB 22ms
19ms Script
application/javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/online.js
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14600132
Cf-Polished: origSize=4463
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Last-Modified: Fri, 19 Mar 2021 16:57:56 GMT
Server: cloudflare
ETag: W/"6054d814-116f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0BnP2Z1z97suP5IoGarkiOZpcM3q%2BbcImZnQdz80blFTNPWyvsv1Nepl%2By%2FVCilWi%2FFJyKElRw9GAWX5zEqcH%2Bl%2FeZm8hEBydvLnxp0W4%2FakUcQZ2peUCjQ4R7QG%2F1%2B4J2Y"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-RAY: 69b516a9db8f4108-PRG
Cf-Bgj: minify

GET
H3

200

js Show response
www.googletagmanager.com/gtag/ Frame 56B8
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-46789381-15
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

97 KB
38 KB

50ms
28ms

Script
application/javascript

142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

10f63d560df0ca2ba18d7497ad646f89a77746cfedca4ebf44feaea51df75597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39244
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Oct 2021 05:07:59 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK e61c1c.png
widget.supercounters.com/images/online/ 568 B
1 KB 35ms
21ms Image
image/png 104.21.66.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: HTTP/1.1
Server: 104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4965
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 568
last-modified: Fri, 27 Aug 2021 14:45:52 GMT
Server: cloudflare
etag: "6128faa0-238"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMHyw6qmYiIvAW4saFBl1pgz3zvu8vbrgJUhkeBd4tfGuDwKdMKbNLOYQO4nDNi0Wu6zuGbgyUw5c3orC2cw%2Fk%2Fv4lDF9SdLnXU6a9FW%2BAm28A7mW7Y1BpSr0NfZrBUAlsTb5Kpt8BPrzbs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69b516a9e98827bc-PRG

POST
H3 200 / Show response
1337x2.xyz/ Frame 4302 355 B
825 B 61ms
42ms Document
text/html 172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: f4074ef5314004473b39b8a5cd9c10c4885bda81e9a72d62d2d192f91d166299

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /
content-length: 24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/submit.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=sam; expires=Mon, 08-Nov-2021 05:07:59 GMT; Max-Age=2592000; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSpem61CtkgnjCIfQj0%2Fe9EWyznLMual%2B5N9hgorG5Io8447xHy%2FjNa%2FWkApjIRPcswBdcios6%2FgL%2B7vNuhmu88UuROS%2F073UMC7UF5fnIOoZ3RpgPtq7%2FhaPAtb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516a9fc794120-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
17ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-46789381-10&cid=1839467852.1633756080&jid=809621166&_u=IEBAAEAAAAAAAC~&z=1083475314

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 05:07:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 39ms
17ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-46789381-15&cid=1839467852.1633756080&jid=1400986490&_u=YEDAAUABAAAAAC~&z=9081680

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 05:07:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
1337x2.xyz/sub/54/0/ Frame 4302 3 KB
2 KB 41ms
41ms Document
text/html 172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/sub/54/0/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: fa469415cc9cb639690cf06ebe39f20974dc55518193087ece799355248087ac

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /sub/54/0/
content-length: 30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O82D5%2Fc5E59sFggPNkJG63pdyktSOEoSBSX03MJqWVyNqvl%2FoJYE1jjkYUy1HKHms2pRgJkKdnZswothjRU3AnXXHa80qxrI8dGrLXWVb0EbILP0%2BguJaJYxRkw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516aa4c9f4120-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

206

CookedLawfulBullmastiff-mobile.mp4
thumbs2.redgifs.com/ Frame 56B8
Redirect Chain

http://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4

492 KB
492 KB

52ms
43ms

Media
video/mp4

104.18.5.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.5.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Toilet Tissue
Resource Hash: 53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 14589180
x-powered-by: Toilet Tissue
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-503431/503432
cache-control: public, max-age=31536000
cf-ray: 69b516aa8b4f4a68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 503432
expires: Sun, 09 Oct 2022 05:07:59 GMT

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/CookedLawfulBullmastiff-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69b516aa6f7c4aaf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires: Sat, 09 Oct 2021 06:07:59 GMT

GET
H3

206

ThirstyDeterminedGopher-mobile.mp4
thumbs2.redgifs.com/ Frame 56B8
Redirect Chain

http://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4

3 MB
0

26ms
18ms

Media
video/mp4

104.18.5.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.5.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Toilet Tissue
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
cf-cache-status: HIT
server: cloudflare
age: 14577621
x-powered-by: Toilet Tissue
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
Content-Range: bytes 0-5741364/5741365
cache-control: public, max-age=31536000
cf-ray: 69b516aa8b514a68-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 5741365
expires: Sun, 09 Oct 2022 05:07:59 GMT

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://thumbs2.redgifs.com/ThirstyDeterminedGopher-mobile.mp4
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69b516aa6d0c4e2b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Expires: Sat, 09 Oct 2021 06:07:59 GMT

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ Frame 56B8 29 B
280 B 86ms
86ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.supercounters.com/fc.php?id=1400646&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=http%3A%2F%2Fhebeboard.aino.pk%2F&url=http%3A%2F%2Fhebeboard.aino.pk%2F%23&sw=1600&sh=1200&rand=42
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 15f7a149c6466594513c6f6943894406cba7ea783dd9d2fa64ababb9482dc1a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 56B8 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4013
date: Sat, 09 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 06:01:06 GMT

GET
H/1.1 200
OK fc.php Show response
counter.jdi5.com/ Frame 56B8 49 B
753 B 59ms
59ms Script
application/x-javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://counter.jdi5.com/fc.php?id=3f6b3baf7b59a93f71be44e4c77940b2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=http%3A%2F%2Fhebeboard.aino.pk%2F&pn=http%3A%2F%2Fhebeboard.aino.pk%2F%23&wh=1600x1200&rand=24
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777f02f0cd48d7beef23da311bce41f5763da9805e9093eac530c96b24858d37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BubUEvvZFBXlEAbpsczm%2BMp4OEwIJCVfS4wfyEqvAcrj1oLt2MdLgtVgte8mN%2BNTxnTVDd2NHysYD5LPBpexN8yVHpw7iMgLWZBkjaaHjHaC5FTATMJTeAqlBC62wfy0ydGT"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Connection: keep-alive
CF-RAY: 69b516aa7be44108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

submit.php Show response
1337x2.xyz/ Frame 7CE9
Redirect Chain

http://ad.jetx.info/red2.php?rand=wF273383e470041b80e245db20c410fcba&id=27
https://1337x2.xyz/submit.php

345 B
700 B

41ms
41ms

Document
text/html

172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

:method: GET
:authority: 1337x2.xyz
:scheme: https
:path: /submit.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://hebeboard.aino.pk/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRz7b90PQTX6erEmqAPdyytpjQrosHOg8HgKX1xiufiCXJB46ebJyHqLwOZf5dCbqhMMQnbTMRUyJ79iX1V1keC1FY7Wduty1GQ6q0Fs7L5C%2B39HGveTnzEUVY3s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516aaacf04120-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/5.6.40
set-cookie: PHPSESSID=og45e7m9hmkn5vl4cd4l53sr66; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: https://1337x2.xyz/submit.php
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=melTFT2juzfoRw%2FmeEEyNrA9%2Bt8846dlzioCLCkXViTZ6RaddlIYkdWCD%2BQ%2BJV5iiSAWCNJspRfwWx9yXZlHvG2rgYaDOrnGN6E%2F6LPIN60LtsBSAQvAM1LbSqbGDyo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69b516aa6fa1536a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 56B8 2 B
22 B 13ms
13ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1289318385&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=1839467852.1633756080&tid=UA-46789381-10&_gid=1115146201.1633756080&_slc=1&z=1035623618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://hebeboard.aino.pk/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 05:07:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://hebeboard.aino.pk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 56B8 35 B
55 B 7ms
6ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1289318385&t=pageview&_s=1&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1839467852.1633756080&tid=UA-46789381-15&_gid=1115146201.1633756080&gtm=2oua60&z=651174420

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 10:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65342
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 56B8 35 B
55 B 7ms
7ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1289318385&t=event&_s=2&dl=http%3A%2F%2Fhebeboard.aino.pk%2F&ul=en-us&de=UTF-8&dt=hebeboard.aino.pk&sd=24-bit&sr=1600x1200&vp=&je=0&ec=hebeboard.aino.pk&ea=hebeboard.aino.pk&el=hebeboard.aino.pk&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=1839467852.1633756080&tid=UA-46789381-15&_gid=1115146201.1633756080&gtm=2oua60&cg1=hebeboard.aino.pk&z=1968627815

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 10:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65342
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 4302 97 KB
38 KB 31ms
31ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8b5a43190d9ea5b0ace924eb9241583e01735a1c1544a01fd15016d2b19fd81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39245
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Oct 2021 05:07:59 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js Show response
msgose.com/pw/ Frame 4302 146 KB
56 KB 47ms
19ms Script
application/javascript 104.21.48.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.48.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: b281d2c737282f5b9611da1abf4d6e7c
age: 6904
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 09 Oct 2021 03:12:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb8GN7uUuVZl83LnE6eXCIcD%2Fl%2F7h80JCg6QZGZcN8W%2Fqm%2F%2FO4NJ0sjwterHb8mj2zN92IodKHzXx%2FJXMvtt8p2OOzU6PTkX0Y1ezPIHrHNnFbwSgPHSQeTh6YWH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 69b516aadce45c85-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 4302 8 KB
4 KB 28ms
6ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 27925a618e2b8f7a666985a5ee63cd457f24c555
date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
age: 571
x-cache: HIT
content-length: 3497
x-served-by: cache-fra19130-FRA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 6BB0:8B17:21954D:2560B1:614BCB05
x-timer: S1633756080.274045,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 23 Sep 2021 00:37:41 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 4

GET
H/1.1 200
OK FF0000.png
imgcdn1.jdi5.com/img/ Frame 56B8 128 B
956 B 18ms
17ms Image
image/png 172.67.156.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: counter.jdi5.com
URL: http://counter.jdi5.com/online.js
Protocol: HTTP/1.1
Server: 172.67.156.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14592768
X-Powered-By: PHP/5.6.40
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 128
Last-Modified: Fri, 23 Apr 2021 07:35:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6neOUipdNTjM4SnHXnra5Fe0JHIcvjXZRd1iSnsI2PZDsFlAXpPh9y%2F6KujXrDNXLb7wgwoUqZ%2BtH6IhI4X9XzsLMza2%2BZ7SvujRSaKTxuAR2sltrL6nz67tziPwpiAffcx"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 69b516aad997f9e2-PRG
Expires: Sat, 23 Apr 2022 07:35:11 GMT

GET
H2 200 submit.php Show response
1337x1.site/ Frame DBF8 345 B
730 B 578ms
521ms Document
text/html 172.67.193.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.site/submit.php
Requested by: Host: afarkas.github.io
URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.193.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.0RC3
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

:method: GET
:authority: 1337x1.site
:scheme: https
:path: /submit.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.0RC3
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7gBFiXtt%2FftkpuKbMdYi8OpZV6MZIwklXxkjKGhDZESOurspN6jUCg2g9nRDAgJOs7OEdcUPV151WpmtYpZ0EVwMDBzx08Z5EW%2F6zAxtdDZyui4uLZGdS6IDvpPWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516ab4eff412c-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK e61c1c.png
widget.supercounters.com/images/online/ Frame 56B8 568 B
1 KB 23ms
22ms Image
image/png 104.21.66.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: widget.supercounters.com
URL: http://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Server: 104.21.66.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://hebeboard.aino.pk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:07:59 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4965
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 568
last-modified: Fri, 27 Aug 2021 14:45:52 GMT
Server: cloudflare
etag: "6128faa0-238"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jShB2J%2BKH040OZE3LC20ypr10TayCrRlnDfQH6dd9rgiQnA8O7WQ0PfM82v9hjWwhQcDfxFp4csdQyN%2Fvqpr%2Bl4wlTQIwA0z6zDh9PGECpXC%2BdGQrWXgYdmv%2F3w1WN3NJkrtqTMDzUJV59k%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69b516ab09f727bc-PRG

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 4302 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4013
date: Sat, 09 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 06:01:06 GMT

POST
H3 200 / Show response
1337x2.xyz/ Frame 7CE9 433 B
851 B 41ms
41ms Document
text/html 172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 4ead34ae7afa2b0f1a7dd912b8579c75cc716fae44cfdf2845aaab852854b3fb

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /
content-length: 24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/submit.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sat, 09 Oct 2021 05:07:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=sam; expires=Mon, 08-Nov-2021 05:07:59 GMT; Max-Age=2592000; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYRxnOb2L6CETOTPy8XFk%2BZUf%2B1gEjxjUqEi2WM0yZnbMGQJn0BG7wF9G5vMXtgYU8dTJNP%2B0DOm6rokjMk4a66EY0uSQSX9bMVOuMA8eKgWnb5GyHwzPVZtkcJ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516ab2d484120-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wnload Show response
yfetyg.com/ Frame 4302 384 B
479 B 252ms
215ms Fetch
application/javascript 185.162.85.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.2 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 19aec6eea673392896d110e918323a1adccaa3647b1a3e0b9f909263e77d478b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame 4302 277 B
426 B 30ms
13ms Fetch
text/plain 104.16.133.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fd2da324c86e1b17d7db4aca6cfd7475e84c4c7f1e1696af1f8f98f928297e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 69b516acf9465b44-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 5d304bcc-8d6a-4de7-8824-eef0f6bf978e
https://1337x2.xyz/ Frame 4302 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/5d304bcc-8d6a-4de7-8824-eef0f6bf978e
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

POST
H3 200 / Show response
1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/ Frame 7CE9 3 KB
2 KB 43ms
42ms Document
text/html 172.67.155.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
Requested by: Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.155.236 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: cccdbac079db3798f71396881f21a3007f32ab7b99bbc9de6ce7ee636188839e

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
content-length: 30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYJV0szCzNbUJ1SiBRTNWq084TLYk0MmclUwJE5aRwTGN4yhO7E%2Bjd3vPs5%2BQtkeK7virt5KkSISPRvkJFU0XkSnIkxosUBcge2Q9pVUUPT0Gh9PdZLwuK9CfI98"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516acfdd64120-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 204 oZjAwMDZZUlVDUwINCQIBUwgA Show response
d1esebcdm6wx7j.cloudfront.net/ Frame 4302 0
300 B 42ms
11ms Script
text/plain 13.224.194.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1esebcdm6wx7j.cloudfront.net/oZjAwMDZZUlVDUwINCQIBUwgA
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-159.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 03:41:49 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
age: 5171
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DiFuiOT9bGbyn5xqg7X06jkUP9rBA-0RTF_dd1cSxCxoXAjLXbLC6A==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7CE9 97 KB
38 KB 28ms
26ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

81ede6a9e8ec3799021e98f701dc6a467bb88336e3515a7d875440528bd0e9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39245
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Oct 2021 05:08:00 GMT

GET
H3 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js Show response
msgose.com/pw/ Frame 7CE9 146 KB
56 KB 41ms
23ms Script
application/javascript 104.21.48.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.48.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: b281d2c737282f5b9611da1abf4d6e7c
age: 6905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 09 Oct 2021 03:12:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJFUdd9fr1dn2pJ7iU6RWNSJHEHyT0H%2B4wtSyrAeIpfOfe3Os9o1CoiEg6iHe1hm0E2Oa1ALLpZcx3KjsDZE5%2BxsBEaxee36qp9KOdBwOqclIGmGEXvdkX2YJDbQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 69b516ad6a535b2c-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame 7CE9 8 KB
4 KB 6ms
6ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: bbe80edd1b77b35b0f1c1269e6e4f72b126584ba
date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
age: 571
x-cache: HIT
content-length: 3497
x-served-by: cache-fra19130-FRA
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: 6BB0:8B17:21954D:2560B1:614BCB05
x-timer: S1633756081.677460,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 23 Sep 2021 00:37:41 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 5

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7CE9 48 KB
19 KB 7ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4014
date: Sat, 09 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 06:01:06 GMT

GET
H2 200 wnload Show response
yfetyg.com/ Frame 7CE9 356 B
464 B 217ms
212ms Fetch
application/javascript 185.162.85.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.2 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a5f5993c6537f1daf749a20ef9fc875e01a2932054a3817b48afce44f959d6d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame 7CE9 277 B
303 B 15ms
15ms Fetch
text/plain 104.16.133.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c8bee4fcc792cf8fef5c0d08358f120d04856513e0b8691fb81b9cafd3bb3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 69b516af8cd45b44-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 73285972-425e-4f93-88d8-7467760b2b30
https://1337x2.xyz/ Frame 7CE9 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/73285972-425e-4f93-88d8-7467760b2b30
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5008602/The-Debt-Collector-Il-Ritorno-2020-iTA-ENG-Bluray-1080p-x264-CYBER-mkv/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET a-ads.php
ipldekho.cyou/ Frame D3F6 0
0

GET
H2 200 wnrw
yfetyg.com/ Frame 4302 0
0 13ms
13ms Fetch 185.162.85.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=14087917815609839501&a=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.2 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sat, 09 Oct 2021 05:08:00 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 aCkBwp_Dl2g-vP-b0VELhQ6ispQm5f1Y.png
i.wmgtr.com/cic/ Frame A8AB 16 KB
16 KB 23ms
8ms Image
image/png 213.174.135.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/aCkBwp_Dl2g-vP-b0VELhQ6ispQm5f1Y.png

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.33 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

f87374afac4597ddfd708721e08d0afc0256c247fa910304619ac2f4ccaabd00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 17:08:00 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

POST
H3 200 / Show response
1337x1.site/ Frame DBF8 417 B
866 B 562ms
543ms Document
text/html 172.67.193.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.site/
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.0RC3
Resource Hash: 745a564aff9a9127baf5dcc2add83751d8f7eedece0c0cf897e1e0c1d91f7684

Request headers

:method: POST
:authority: 1337x1.site
:scheme: https
:path: /
content-length: 24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x1.site
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x1.site/submit.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x1.site
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/submit.php

Response headers

date: Sat, 09 Oct 2021 05:08:01 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.0RC3
set-cookie: sam=sam; expires=Mon, 08-Nov-2021 05:08:01 GMT; Max-Age=2592000; path=/; domain=1337x1.site
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=by9EfeEY17BJeCV71JlPjxzfoIg1D1HMaiHSGQYMit1CXTg59kPCanG8m3O5h1ECIIAky1sTWjEIvOunWVYVYbz1L%2FLVkjMf%2B8RewDYj4M6bECrQJihpW1o1UqnP3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516b07a5b4131-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ Frame 7CE9 217 B
429 B 22ms
7ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:45:08 GMT
server: nginx/1.18.0
etag: W/"61308f14-d9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 06:08:00 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ Frame 7CE9 64 KB
25 KB 19ms
6ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer: https://1337x2.xyz/
Origin: https://1337x2.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:35:33 GMT
server: nginx/1.18.0
etag: W/"61572ac5-fef5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 06:08:00 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ Frame 7CE9 264 B
379 B 21ms
6ms XHR
text/plain 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 52bf59c630dd2da60a6a9e7ecf66eedae0f00bcd435ec6f1d855f3b4c17898b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Oct 2021 05:08:00 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ Frame 7CE9 0
238 B 6ms
5ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 06:08:00 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 wnrw
yfetyg.com/ Frame 7CE9 0
0 14ms
13ms Fetch 185.162.85.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=7381844620601935168&a=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.2 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sat, 09 Oct 2021 05:08:00 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 tJjoCJVW2JLBdXDs41YjhyvpauvC5iY8.png
i.wmgtr.com/cic/ Frame BB3B 18 KB
18 KB 7ms
7ms Image
image/png 213.174.135.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/tJjoCJVW2JLBdXDs41YjhyvpauvC5iY8.png

Requested by

Host: hebeboard.aino.pk
URL: http://hebeboard.aino.pk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.33 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

8757a7eabd86dc59525cebb08fc8c75d94a89112bd9c2a4523fd442c674c8e08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 17:08:00 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ Frame 7CE9 8 KB
3 KB 20ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 06:08:00 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H3 200 / Show response
1337x1.site/torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/ Frame DBF8 3 KB
2 KB 281ms
281ms Document
text/html 172.67.193.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x1.site/torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/54/0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.0RC3
Resource Hash: 30eb6c13e40c38675c89b2767d8558ecee94b3da3e942532858a5d86743e52bb

Request headers

:method: POST
:authority: 1337x1.site
:scheme: https
:path: /torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/
content-length: 30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x1.site
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x1.site/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x1.site
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/

Response headers

date: Sat, 09 Oct 2021 05:08:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.0RC3
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x1.site
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqWFNtwLSR%2Fpk6ZIcQcWB5%2B9N7eZFprTJCuIINO5NwaMrr7JVNJaTEQefQ4%2FbiOtRnYwu6bZaH7F0jfMq3AJehomUISfMwSxR5%2FulhEATxedWKKbe1Fj3b5ZyE9TVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b516b3fb9b4131-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame DBF8 97 KB
38 KB 26ms
25ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Requested by

Host: 1337x1.site
URL: https://1337x1.site/torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4c3fd5ec7ad0afef9f99bd0aab9febd86927cde968da4232cee7a2ebd127088c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39244
x-xss-protection: 0
last-modified: Sat, 09 Oct 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Oct 2021 05:08:01 GMT

GET
H/1.1 200
OK script.js Show response
js.cdnspace.io/1/ Frame DBF8 92 KB
28 KB 64ms
29ms Script
application/javascript 109.206.162.211
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdnspace.io/1/script.js?t=2021995
Requested by: Host: 1337x1.site
URL: https://1337x1.site/torrent/5010184/The-Manor-2021-1080p-AMZN-WEB-DL-DDP5-1-H-264-CMRG-TGx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.206.162.211 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 211.162.serverel.net
Software: nginx /
Resource Hash: d189678eb66906db36aa3c3b4fd57bb1f4ca34b9fbed949c9bfec71f1b764e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 05:08:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Aug 2021 16:33:18 GMT
Server: nginx
ETag: W/"611d364e-16f0e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1800, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 09 Oct 2021 05:38:01 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame DBF8 48 KB
19 KB 7ms
7ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-49

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4015
date: Sat, 09 Oct 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 06:01:06 GMT

GET
H2 200 w.js Show response
jscdn.cloud/ Frame DBF8 28 KB
29 KB 295ms
258ms Script
text/javascript 109.206.168.5
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jscdn.cloud/w.js?isr=1&wtoken=18bdbc31-55ab-4f10-b621-9b377aa4165b&u=731700&userid=null&t=2044&sid=1337x1.site&r=0.8275477299823017
Requested by: Host: js.cdnspace.io
URL: https://js.cdnspace.io/1/script.js?t=2021995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.168.5 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.168.5.serverel.net
Software: binder-v4.3.4 /
Resource Hash: 7530465b872b6b71051a1023f5871b5399f656581b6523e0187dee18d0c2c58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Oct 2021 05:08:02 GMT
server: binder-v4.3.4
x-response-code: 20200
content-length: 29063
access-control-allow-methods: GET, POST
content-type: text/javascript

GET
H2

200

614075c9eeea5t1631614409r9619.jpg
i.cdnkimg.com/auto/192/image/vk/4074/74/ Frame A6F9
Redirect Chain

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=a29094e2b9ccb4c51188b373&nid=1&sid=%2FZTO0fBhL2z4LZBg6RxDKo5BqRv1ioVlkXBBkJDXJfLScDpkaKe2gztYOac8zIrCBlHBcXVAbe8%2Bltl1%2FnXFrQpKr8NiOlp5AwQJA%2FCY...
https://s.viitgb.com/nurl/590/nnme43dhbf7v4adhlvgfiycnmbra67lrwolvy26ax7vk5kohw2lm2v37j5mvqke2kzqfccmqwtsil7mjyduhiuh3v23n2sj34g2plec7icqg5ocxdzbzx3gmkzfcm6djgjla7kq3erdrzoz7gbutevspjnq2ar6ukm44c2b...
https://i.cdnkimg.com/auto/192/image/vk/4074/74/614075c9eeea5t1631614409r9619.jpg

15 KB
15 KB

34ms
7ms

Image
image/jpeg

213.174.135.37
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cdnkimg.com/auto/192/image/vk/4074/74/614075c9eeea5t1631614409r9619.jpg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.37 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ee0801f5ebae2b8f3a546f47229ca18784525bb883caf4440b960a5c7c715070

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:03 GMT
server: nginx/1.18.0
x-cache-status: MISS
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 23 Oct 2021 05:08:03 GMT
cache-control: max-age=1209600
content-length: 15093
x-proxy-cache: HIT

Redirect headers

location: https://i.cdnkimg.com/auto/192/image/vk/4074/74/614075c9eeea5t1631614409r9619.jpg
date: Sat, 09 Oct 2021 05:08:03 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

8xCM9hXcvvfS0AuoKBMCo8RJBdDgjbo3HxMijDjj.png
reiz.xyz/ Frame A6F9
Redirect Chain

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=4759a1b9c0f93abed932ce09&nid=1&sid=54QnkA4kuag9hnjNwxv5EYHJagZ9YMy%2Ftch%2BEcELevhNCkDQdRTym1uARpxxS1UTjX9AhnY5Ttd5Zjumh%2FRLHXv3ez3Pmq1K7YspjoYfuT...
https://reiz.xyz/8xCM9hXcvvfS0AuoKBMCo8RJBdDgjbo3HxMijDjj.png

18 KB
19 KB

165ms
124ms

Image
image/webp

172.67.195.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reiz.xyz/8xCM9hXcvvfS0AuoKBMCo8RJBdDgjbo3HxMijDjj.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.195.8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c688b910213dde65696a7c0419d6d94bdf3bb78f9b1ef1a30f9e12d94d2dfe3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:03 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18938
x-hw: 1633753486.dop245.am5.shc,1633753486.dop245.am5.t,1633753486.cds112.am5.c
last-modified: Thu, 07 Oct 2021 11:08:24 GMT
server: cloudflare
cache-control: public, max-age=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v2d3ECLnbIXEW1%2BFIIP5TQc8hAJqwge3pMfZEB08xXo8R%2FRXmyWg2pe6ENoa71m833LpJ5S8rBeS040izV6hN6kZLfjk1H21Obi62Sg0HhUIdhLmvte0YnFkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 69b516c378e527c0-PRG
expires: Sun, 10 Oct 2021 05:08:03 GMT

Redirect headers

location: https://reiz.xyz/8xCM9hXcvvfS0AuoKBMCo8RJBdDgjbo3HxMijDjj.png
date: Sat, 09 Oct 2021 05:08:03 GMT
server: dspclick-v3.6.6
content-length: 0

GET
H2

200

XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png
reiz.xyz/ Frame A6F9
Redirect Chain

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=ee22632627bcb829820cd418&nid=1&sid=FnoxTdFNi3ZetY%2F6jdH1%2ByRYRKFvSzuemJWOPVnRcjxUES3oNOAfuGU2diTvk7KDNhJOK%2F84qyVD9dyBetuYhIL6y099%2FYf9ezmklt4C...
https://reiz.xyz/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png

9 KB
10 KB

58ms
17ms

Image
image/webp

172.67.195.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reiz.xyz/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.195.8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d82129b1e1482f9625d5a204b8f82432f01c0815493dd79450078dc91856bb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:03 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24887
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9442
x-hw: 1633609572.dop128.am5.shc,1633609572.dop128.am5.t,1633609572.cds084.am5.c
last-modified: Fri, 08 Oct 2021 22:13:16 GMT
server: cloudflare
cache-control: public, max-age=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrVAR3uNSevIgJjppEti4GXkITtHiERzl6sHS87yCRvCewIjbpcF9W2OtZJreyeQ9u8saQwDXCYwdolWKW4PPcBPmw0pxq05SErL4bGKY30%2B%2FrbkYlfDAncnmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 69b516c378e627c0-PRG
expires: Sat, 09 Oct 2021 22:13:16 GMT

Redirect headers

location: https://reiz.xyz/XML8zou80R17SOGE81z0h5Ahl8DiPoM5oshCv09i.png
date: Sat, 09 Oct 2021 05:08:03 GMT
server: dspclick-v3.6.6
content-length: 0

GET
H2

200

JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png
reiz.xyz/ Frame A6F9
Redirect Chain

https://wideliv.com/b2/l/i/icon?cid=1&eid=10592&n=07384d981006519efd6f47cc&nid=1&sid=UoGOLayNsXndD%2BgTM6JPFbjfsT%2FJGF3CJkEqnQpla294R62u%2BMzCQXT%2FpkqfFxW2rCFr%2BDCi59WlQH8RgkIQAUJNKqxY54vx2up7g3...
https://reiz.xyz/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png

11 KB
11 KB

123ms
88ms

Image
image/webp

172.67.195.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reiz.xyz/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.195.8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe7d96154b44d67bb1c4d4d2ae386d0efd680435dbbe27ad8227b5af0064c2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x1.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 05:08:03 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10810
x-hw: 1633753386.dop135.am5.shc,1633753386.dop135.am5.t,1633753386.cds111.am5.c
last-modified: Thu, 07 Oct 2021 23:42:25 GMT
server: cloudflare
cache-control: public, max-age=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZi46zXKGvo2IraCW%2Ftu48H%2FWtHMSPByG3JFrzwhtTtLL2NOW5CfoL%2BNQVFZeQmvTG4DDPtFtqiZd03JAlomFNxzW5R%2FycZTezUIOAsglleFJumN1zyiZO3YLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 69b516c378e727c0-PRG
expires: Sun, 10 Oct 2021 05:08:03 GMT

Redirect headers

location: https://reiz.xyz/JG747VJcGT4lrTOCg7UXdLDzwE6MIln78SU0jEk1.png
date: Sat, 09 Oct 2021 05:08:03 GMT
server: dspclick-v3.6.6
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipldekho.cyou
URL: https://ipldekho.cyou/a-ads.php

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hebeboard.aino.pk/	1969-12-31 23:59:59	Name: hebeboard_aino_pk Value: 94e6d4e6db142269d2949778617ca98d
.aino.pk/	1970-01-20 15:20:28	Name: _ga Value: GA1.2.1839467852.1633756080
.aino.pk/	1970-01-19 21:50:42	Name: _gid Value: GA1.2.1115146201.1633756080
.aino.pk/	1970-01-19 21:49:16	Name: _gat Value: 1
.aino.pk/	1970-01-19 21:49:16	Name: _gat_gtag_UA_46789381_15 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl15024262.performancetrustednetwork.com/92/4a/49/924a493b70390a3b05cf6950985a02a2.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://afarkas.github.io/lazysizes/lazysizes.min.js(Line 2) Message: Mixed Content: The page at 'https://1337x2.xyz/sub/54/0/' was loaded over HTTPS, but requested an insecure frame 'http://ipldekho.fun/a-ads.php'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x1.site
1337x2.xyz
ad.jetx.info
afarkas.github.io
cloudflare.com
counter.jdi5.com
d1esebcdm6wx7j.cloudfront.net
fastcdn.jdi5.com
hebeboard.aino.pk
i.cdnkimg.com
i.wmgtr.com
imgcdn1.jdi5.com
ipldekho.cyou
js.cdnspace.io
js.wpadmngr.com
js.wpushsdk.com
jscdn.cloud
msgose.com
na.nawpush.com
pl15024262.performancetrustednetwork.com
reiz.xyz
s.viitgb.com
stats.g.doubleclick.net
thumbs2.redgifs.com
wideliv.com
widget.supercounters.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.supercounters.com
yfetyg.com
ipldekho.cyou
104.16.133.229
104.18.5.207
104.21.23.173
104.21.40.186
104.21.48.29
104.21.66.8
109.206.162.211
109.206.168.5
13.224.194.159
142.250.185.132
142.250.186.72
142.250.186.78
172.104.29.90
172.67.155.236
172.67.156.75
172.67.193.218
172.67.195.8
185.162.85.2
185.199.109.153
192.243.59.20
213.174.135.24
213.174.135.25
213.174.135.33
213.174.135.37
31.220.27.135
45.14.224.146
66.102.1.157
10f63d560df0ca2ba18d7497ad646f89a77746cfedca4ebf44feaea51df75597
15f7a149c6466594513c6f6943894406cba7ea783dd9d2fa64ababb9482dc1a0
19aec6eea673392896d110e918323a1adccaa3647b1a3e0b9f909263e77d478b
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
30eb6c13e40c38675c89b2767d8558ecee94b3da3e942532858a5d86743e52bb
34fd2da324c86e1b17d7db4aca6cfd7475e84c4c7f1e1696af1f8f98f928297e
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
4c3fd5ec7ad0afef9f99bd0aab9febd86927cde968da4232cee7a2ebd127088c
4c8bee4fcc792cf8fef5c0d08358f120d04856513e0b8691fb81b9cafd3bb3ee
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4ead34ae7afa2b0f1a7dd912b8579c75cc716fae44cfdf2845aaab852854b3fb
5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4
52bf59c630dd2da60a6a9e7ecf66eedae0f00bcd435ec6f1d855f3b4c17898b2
53af4010907dde3cc86bd10a52303767c21d1f966970cbb5e6925fbc7cd0a872
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62f16b707726f6f4ea198776fc897629b4086202b788a1e1f5c502abe7437e75
745a564aff9a9127baf5dcc2add83751d8f7eedece0c0cf897e1e0c1d91f7684
7530465b872b6b71051a1023f5871b5399f656581b6523e0187dee18d0c2c58b
777f02f0cd48d7beef23da311bce41f5763da9805e9093eac530c96b24858d37
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e
81ede6a9e8ec3799021e98f701dc6a467bb88336e3515a7d875440528bd0e9ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35
8757a7eabd86dc59525cebb08fc8c75d94a89112bd9c2a4523fd442c674c8e08
8b5a43190d9ea5b0ace924eb9241583e01735a1c1544a01fd15016d2b19fd81f
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a5f5993c6537f1daf749a20ef9fc875e01a2932054a3817b48afce44f959d6d1
abc2606b799fc42ee9f7c59590f0e3a7fc8f9db56c476002bcdfd3f06d0622d7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
c688b910213dde65696a7c0419d6d94bdf3bb78f9b1ef1a30f9e12d94d2dfe3f
cccdbac079db3798f71396881f21a3007f32ab7b99bbc9de6ce7ee636188839e
d189678eb66906db36aa3c3b4fd57bb1f4ca34b9fbed949c9bfec71f1b764e10
d82129b1e1482f9625d5a204b8f82432f01c0815493dd79450078dc91856bb31
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0784e940a1307c17c93bbaacfaea21e273f54bb9eea02ff6f7fe08465c0c1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60edfe588763b98624f9ffdeb2fe4ac194bfafb79bde9609d3b58f54ae6218e
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef
ee0801f5ebae2b8f3a546f47229ca18784525bb883caf4440b960a5c7c715070
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4074ef5314004473b39b8a5cd9c10c4885bda81e9a72d62d2d192f91d166299
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf
f87374afac4597ddfd708721e08d0afc0256c247fa910304619ac2f4ccaabd00
fa469415cc9cb639690cf06ebe39f20974dc55518193087ece799355248087ac
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe7d96154b44d67bb1c4d4d2ae386d0efd680435dbbe27ad8227b5af0064c2d0

hebeboard.aino.pk Open in urlscan Pro 45.14.224.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

71 %HTTPS

0 %IPv6

28 Domains

31 Subdomains

26 IPs

4 Countries

1641 kBTransfer

9209 kBSize

5 Cookies

13 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hebeboard.aino.pk Open in urlscan Pro
45.14.224.146 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

71 %
HTTPS

0 %
IPv6

28
Domains

31
Subdomains

26
IPs

4
Countries

1641 kB
Transfer

9209 kB
Size

5
Cookies

80 HTTP transactions
-2 data transactions