stfly.me Open in urlscan Pro
2606:4700:3037::681f:53b5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stfly.io/VegasPro16
Effective URL:
https://stfly.me/VegasPro16
Submission: On July 24 via api (July 24th 2020, 4:11:26 am UTC) from US

Summary HTTP 49 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 21 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3037::681f:53b5, located in United States and belongs to CLOUDFLARENET, US. The main domain is stfly.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2020. Valid for: a year.

This is the only time stfly.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6812:3cad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2606:4700:303... 2606:4700:3037::681f:53b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::681b:b97f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
2	139.45.196.67 139.45.196.67	9002 (RETN-AS) (RETN-AS)
4	139.45.195.145 139.45.195.145	9002 (RETN-AS) (RETN-AS)
1	13.35.253.201 13.35.253.201	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.206.71.220 52.206.71.220	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
5	52.222.174.108 52.222.174.108	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	52.222.174.159 52.222.174.159	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2 2	198.134.116.29 198.134.116.29	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
49	21

1 2606:4700:3030::6812:3cad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stfly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::681f:53b5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stfly.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681b:b97f (United States)

ASN13335 (CLOUDFLARENET, US)

shrtfly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.67 (Ascension Island)

ASN9002 (RETN-AS, EU)

graizoah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.145 (Ascension Island)

ASN9002 (RETN-AS, EU)

upgulpinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.201 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d36zfztxfflmqo.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.71.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

tabookbusines.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.174.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)

evatelyenu.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.159 (Seattle, United States)

ASN16509 (AMAZON-02, US)

edcredition.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, EU)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.134.116.29 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

static.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	stfly.me 1 redirects stfly.me	229 KB
7	google.com www.google.com	35 KB
5	evatelyenu.club evatelyenu.club	3 KB
4	realtime-bid.com xml.realtime-bid.com Failed static.realtime-bid.com	49 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	171 KB
4	upgulpinon.com upgulpinon.com	123 KB
3	imgur.com i.imgur.com	183 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	graizoah.com graizoah.com	21 KB
2	shrtfly.com shrtfly.com	80 KB
1	wowreality.info o.wowreality.info	395 B
1	doubleclick.net stats.g.doubleclick.net	99 B
1	edcredition.club edcredition.club	365 B
1	googletagmanager.com www.googletagmanager.com	34 KB
1	recaptcha.net www.recaptcha.net	907 B
1	lalaping.com static.lalaping.com	32 KB
1	tabookbusines.info tabookbusines.info	24 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	cloudfront.net d36zfztxfflmqo.cloudfront.net	82 KB
1	googleapis.com fonts.googleapis.com	590 B
1	stfly.io 1 redirects stfly.io	607 B
49	21

	Domain	Requested by
9	stfly.me	1 redirects stfly.me d36zfztxfflmqo.cloudfront.net ajax.cloudflare.com
7	www.google.com	stfly.me www.gstatic.com
5	evatelyenu.club	d36zfztxfflmqo.cloudfront.net
4	upgulpinon.com	stfly.me upgulpinon.com
3	fonts.gstatic.com	stfly.me graizoah.com
3	i.imgur.com	stfly.me
2	static.realtime-bid.com
2	xml.realtime-bid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	graizoah.com	stfly.me graizoah.com
2	shrtfly.com	stfly.me
1	o.wowreality.info	static.lalaping.com
1	stats.g.doubleclick.net
1	www.gstatic.com	www.recaptcha.net
1	edcredition.club	stfly.me
1	www.googletagmanager.com	ajax.cloudflare.com
1	www.recaptcha.net	ajax.cloudflare.com
1	static.lalaping.com	upgulpinon.com
1	tabookbusines.info	stfly.me
1	ajax.cloudflare.com	stfly.me
1	d36zfztxfflmqo.cloudfront.net	stfly.me
1	fonts.googleapis.com	stfly.me
1	stfly.io	1 redirects
49	23

This site contains links to these domains. Also see Links.

Domain
shrtfly.com
bestcond1tions.com
www.facebook.com
twitter.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-19` - `2021-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
graizoah.com Let's Encrypt Authority X3	`2020-06-23` - `2020-09-21`	3 months	crt.sh
upgulpinon.com Let's Encrypt Authority X3	`2020-06-05` - `2020-09-03`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
tabookbusines.info Let's Encrypt Authority X3	`2020-07-16` - `2020-10-14`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
evatelyenu.club Amazon	`2020-07-13` - `2021-08-13`	a year	crt.sh
misc.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
edcredition.club Amazon	`2020-07-13` - `2021-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-05-19` - `2020-08-17`	3 months	crt.sh
*.realtime-bid.com AlphaSSL CA - SHA256 - G2	`2019-03-20` - `2021-03-20`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://stfly.me/VegasPro16
Frame ID: 9891BAC1B0AACCA6EEB30D5739FA18B1
Requests: 42 HTTP requests in this frame

Frame: https://graizoah.com/fac.php
Frame ID: 97E898FB5674097E12EDA629C17851FD
Requests: 1 HTTP requests in this frame

Frame: https://evatelyenu.club/NEI2M25VIFVeUVV/VBUbRi4LFlxyZwR1Cgd0TFUUQDpQVQJZM1kdDVgtQ1cIRi1YR0BaJ0IWXHIjYF0geBR+UF98AWNKPXcLV39cWBJUWCQMG3N5GXMWUQQpZxh5eAZ5dHtwO3MFTEsFehFBVztnC3x/XFgEVXFWRQ1ecRxiEQIFKHM2dVE6YRZ4dlsRcHBQCXkvfnAsRANcVDZ4KH9WIXYbQFAJfXFiWjcDBmILCH44YGA0cBQTASxRKVJJP2w2DnQEVxN/WQFwDWdyBFcXZ2Y4Wi5dewRTCnpZBmcYc34DehBkST9sMQFxJnoAU0oWZxhzfVhuAV5dPExvZFs2Wgx0VhRhCnxbVkELTnpecwF/VDtZEwdVA1ADU3YsDSFjZQNjO3cLL04xUFEDbXJVAygDDXQHV3IvA148TgdheCoMG1ACNAEYdGJLBgB3YD8BB1h9LHAVTnYLcQxaaituL2d0OF0QWH0sUTtVZCN2CwNjOH4peGtbWhN+Wy9SGn9wD0NkXEABWjILUil5JGB+IX9wcFQn
Frame ID: 9706AEB62146B6097AD0921106449225
Requests: 1 HTTP requests in this frame

Frame: https://evatelyenu.club/Tk51TU4vLBYgcS9zF2s7PCJIaHwIa0cLKn14Dys0OjYTKyIjPxpjLSIhACkoPCEbOWAgKwFofAgELCB2eioxKgwPCCweDDYXMhULJQ8iIX4AGjQPCwwbBi8YJgQmGjc2HzIOIioPPQh5DX0eCgYmFyMVCyUFJwwAFAkZdCgdGEUsGX93EAUmGC00CwcDGx46HQ8IOwcbHzkwGQ8qGzY6HBQPN3kWCikgFxg2KTIbDCYUJ3x/a3w3HBwUHSYqPgsLNHUBGTZEGggpDDkFDH8cOR9/CQ00PgwaDDMYHH9+PAoYJQwmKj4LGA0LBQ0lJwwcf348Hx8pdy0qYzk8MRg6BQ0eHxQLJkwYCxt2PQkYAyohCCoqKB4IAhgbMAEfJn8kFTYPKCAPFw0YMwgFBxsaBhwIHzkPCH8cNiEHBxYnKRoKGywpHCkpNw9+ISwjHCoFDR8EDxsbMAQZKTYhFTk6LzEhAAUNHh8CDzkZFwwiCD0VFnsMNnwYDA1FBCsIfz8uHDk6JwkiewY0HAwZFjADLxg5BSkLIjYUDikiCjZ8FwANJw8tGw8BKQgpaB8+ISA+SC4WJjQzKDoHFxEMPA
Frame ID: 3DC3BB1CB7BD8E002CC8B8302ECAB389
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&co=aHR0cHM6Ly9zdGZseS5tZTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=iszr5lga2cjk
Frame ID: 7BD9FA7801595301B3BB5387CBDC8D54
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&cb=bfovj9z6lhfd
Frame ID: 45336387B583A4795D6437F42E7526C2
Requests: 1 HTTP requests in this frame

Frame: https://static.realtime-bid.com/n337/ad/300x300_dOIx9XwUt3scFXArorrf.png
Frame ID: BEE55F37BEA75F73253FE59DA87F86DB
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://stfly.io/VegasPro16 HTTP 301
http://stfly.me/VegasPro16 HTTP 301
https://stfly.me/VegasPro16 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

49
Requests

98 %
HTTPS

55 %
IPv6

21
Domains

23
Subdomains

21
IPs

4
Countries

1089 kB
Transfer

2280 kB
Size

7
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://shrtfly.com/

Search URL Search Domain Scan URL

URL: https://shrtfly.com/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://shrtfly.com/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://shrtfly.com/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://bestcond1tions.com/r/?token=2772ad7c27a44f28769d57539ed6b7a80cee7c73&q=Download-Your-File-48548

Search URL Search Domain Scan URL

URL: https://shrtfly.com/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://shrtfly.com/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://shrtfly.com/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://shrtfly.com/pages/faq
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shrtflycom/

Search URL Search Domain Scan URL

URL: https://twitter.com/shrtfly

Search URL Search Domain Scan URL

URL: https://t.me/shrtfly

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stfly.io/VegasPro16 HTTP 301
http://stfly.me/VegasPro16 HTTP 301
https://stfly.me/VegasPro16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1786363191&t=pageview&_s=1&dl=https%3A%2F%2Fstfly.me%2FVegasPro16&ul=en-us&de=UTF-8&dt=ShrtFly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1723611529&gjid=1856527812&cid=1031702691.1595563870&tid=UA-108199505-1&_gid=1287588839.1595563870&_r=1&gtm=2ou7f0&z=53192993 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-108199505-1&cid=1031702691.1595563870&jid=1723611529&_gid=1287588839.1595563870&gjid=1856527812&_v=j83&z=53192993

Request Chain 46

https://xml.realtime-bid.com/thumbnail?i=p6Ld5NhbaQ8_0&imgt=icon HTTP 302
https://static.realtime-bid.com/n337/ad/300x300_dOIx9XwUt3scFXArorrf.png

Request Chain 48

https://xml.realtime-bid.com/thumbnail?i=YOVE0m4C4BI_1&imgt=icon HTTP 302
https://static.realtime-bid.com/n337/ad/192x192_NOpFLsHou8g8VV0CUg5q.jpeg

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request VegasPro16 Show response
stfly.me/
Redirect Chain

http://stfly.io/VegasPro16
http://stfly.me/VegasPro16
https://stfly.me/VegasPro16

20 KB
9 KB

504ms
485ms

Document
text/html

2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5e2946ff0ae6604c6e19b9b9c7ac96afcacd0c3fd3935d22d538cfe041413f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: stfly.me
:scheme: https
:path: /VegasPro16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 24 Jul 2020 04:11:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc02eb931ce26ee0355e545cc2b2ad8841595563866; expires=Sun, 23-Aug-20 04:11:06 GMT; path=/; domain=.stfly.me; HttpOnly; SameSite=Lax; Secure lang=en_US; expires=Mon, 19-Jul-2021 04:11:07 GMT; Max-Age=31104000; path=/ AppSession=c7sjo3kubrundlei9lgapi575s; path=/; HttpOnly csrfToken=c38a518f7660b2ee6af7d30cfc0ef32b12f0bba5758b99c313bc7300e689a9f4d54d0f1fb530d319ffafcefee59e22e96795e7d363a3e90c987596aa56d8e734; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 04209d928c0000d6ed9aa56200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b7acb974dd1d6ed-FRA
content-encoding: br

Redirect headers

Date: Fri, 24 Jul 2020 04:11:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 24 Jul 2020 05:11:06 GMT
Location: https://stfly.me/VegasPro16
cf-request-id: 04209d926b0000177e372fd200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b7acb971f57177e-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 02:23:02 GMT
server: ESF
date: Fri, 24 Jul 2020 04:11:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 200 styles.min.css
stfly.me/cloud_theme/build/css/ 189 KB
31 KB 21ms
19ms Stylesheet
text/css 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c59ab44d281e304245d6aaf1699661931145b1e31d11e3222c6a1dacf4e5ea63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1256272
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 04209d94770000d6ed9aa82200000001
last-modified: Fri, 24 Apr 2020 12:49:40 GMT
server: cloudflare
etag: W/"2f202-5a408cc6de100-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5b7acb9a5a5dd6ed-FRA
expires: Sat, 08 Aug 2020 15:13:15 GMT

GET
H2 200 logo.png
shrtfly.com/img/ 10 KB
11 KB 60ms
13ms Image
image/png 2606:4700:3035::681b:b97f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrtfly.com/img/logo.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681b:b97f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed26d7c4fc56c6f4e28024665daff8015fc9c0a7ec450f2b858f88d0591f0a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5263918
status: 200
content-length: 10621
cf-request-id: 04209d94a500001f4dfa192200000001
last-modified: Fri, 15 May 2020 19:29:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "297d-5a5b4d4767ce4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5b7acb9aaf7e1f4d-FRA
expires: Mon, 24 May 2021 05:59:08 GMT

GET
H2 200 XMJuk0H.png
i.imgur.com/ 29 KB
29 KB 162ms
52ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XMJuk0H.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

55c8a115544d308e12907ffb8e012af90c4fd8b570f7fe739819e3cc3a565f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
age: 11075100
x-cache: MISS, HIT
status: 200
content-length: 29637
x-served-by: cache-bwi5121-BWI, cache-hhn4064-HHN
last-modified: Tue, 10 Dec 2019 20:04:54 GMT
server: cat factory 1.0
x-timer: S1595563867.393393,VS0,VE0
etag: "7ba1b1af934a9f22446b9ccb2e3c08f3"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 8

GET
H2 200 service-worker.js Show response
stfly.me/ 93 KB
34 KB 18ms
16ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/service-worker.js

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07896066a93d42080d1e46f1258421a2b89a91be490e4a53d33aa86604f8329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1256272
cf-polished: origSize=95651
status: 200
cf-request-id: 04209d94780000d6ed9aa83200000001
expires: Sat, 08 Aug 2020 15:13:15 GMT
last-modified: Sat, 25 Apr 2020 13:55:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"175a3-5a41dd5d3fd00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5b7acb9a5a62d6ed-FRA
cf-bgj: minify

GET
H/1.1 200
OK apu.php Show response
graizoah.com/ 58 KB
21 KB 256ms
88ms Script
application/javascript 139.45.196.67
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://graizoah.com/apu.php?zoneid=3381289

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.67 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

5b41b976c2376e4d5626e69295ff0156369e66a82a49877a979d74ea192ebf03

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 24 Jul 2020 04:11:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: dc9b987091452810c4b73a6c1888273a
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
upgulpinon.com/ 7 KB
4 KB 164ms
54ms Script
text/javascript 139.45.195.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/1?z=3381275
Requested by: Host: stfly.me
URL: https://stfly.me/VegasPro16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 459e6ccc3540a3c58eb3a0b70e3b8612f22332430791139de446bc1db0b75a5c

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: gzip
x-sc: JYKbwOEkW0tSptnFzxDdym_J-BzO-N2t6fVMqDuD6Sz1fZA67cmKTcecJNUOULxE2nt-_JEu3f_cz-0zYEPRIuiOkJQ=
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
d36zfztxfflmqo.cloudfront.net/ 246 KB
82 KB 358ms
227ms Script
text/plain 13.35.253.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Requested by: Host: stfly.me
URL: https://stfly.me/VegasPro16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.201 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d1277d5d5fad7fd40a7ad08ac251304d4c4db03607b152a6b99489837911afd

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 83209
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
x-amz-cf-id: G7fsOG9NgYcsa6K5FcAoz8Bdzh90dQLpvu4UA1qMWsYM3gxQXiLIqQ==

GET
H2 200 fvnk6Rk.png
i.imgur.com/ 3 KB
4 KB 198ms
88ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fvnk6Rk.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bcd3623b2be5c416ac406ce48aa552622b1f3a088423d2f57bea8bc5dc2ef5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
age: 3684144
x-cache: HIT, HIT
status: 200
content-length: 3525
x-served-by: cache-bwi5132-BWI, cache-hhn4064-HHN
last-modified: Thu, 05 Sep 2019 21:35:27 GMT
server: cat factory 1.0
x-timer: S1595563867.393617,VS0,VE0
etag: "47b042d50e1c1d9f1170b59cbadfac99"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 8

GET
H2 200 cMAxDsS.png
i.imgur.com/ 150 KB
150 KB 201ms
92ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cMAxDsS.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

90a3da07bde6febf9a630f2d00a543f3a9513df59a7262bd70bfe8d69f61a68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
age: 4907077
x-cache: HIT, HIT
status: 200
content-length: 153245
x-served-by: cache-bwi5147-BWI, cache-hhn4064-HHN
last-modified: Fri, 04 Oct 2019 22:52:48 GMT
server: cat factory 1.0
x-timer: S1595563867.393601,VS0,VE1
etag: "ef7618d20e94eb86f05211a19d37a265"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-storage-class: STANDARD_IA
x-cache-hits: 1, 1

GET
H2 200 email-decode.min.js Show response
stfly.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
859 B 9ms
8ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 21 Jul 2020 12:06:26 GMT
server: cloudflare
etag: W/"5f16da42-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5b7acb9a5a63d6ed-FRA
cf-request-id: 04209d94780000d6ed9aa84200000001
expires: Sun, 26 Jul 2020 04:11:07 GMT

GET
H2 200 ads.js Show response
stfly.me/js/ 190 B
319 B 12ms
10ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/js/ads.js

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1256272
cf-polished: origSize=191
status: 200
cf-request-id: 04209d94790000d6ed9aa85200000001
expires: Sat, 08 Aug 2020 15:13:15 GMT
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bf-5919a4731f240-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5b7acb9a5a65d6ed-FRA
cf-bgj: minify

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 9ms
8ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 21 Jul 2020 12:06:26 GMT
server: cloudflare
etag: W/"5f16da42-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5b7acb9a5a5697a2-FRA
cf-request-id: 04209d9478000097a2998f5200000001
expires: Sun, 26 Jul 2020 04:11:07 GMT

GET
H2 200 VE1Fb0wvbzYYEyE%2FKU12diUxGzwnd2pAPyArKRZiOShqHCkmOywMKXk6Kh0nMT9rBT92YWccITJvf15gdjkkCBM9KWdVbmx%2FcVx8ZG9pTT8hLxoGKGZvf015NnghVnlgdWgJfGMuaFt%2FZnloVygxf2hfdDB%2Bclt%2BYSkmDn12MA Show response
tabookbusines.info/ 58 KB
24 KB 429ms
141ms Script
application/javascript 52.206.71.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tabookbusines.info/VE1Fb0wvbzYYEyE%2FKU12diUxGzwnd2pAPyArKRZiOShqHCkmOywMKXk6Kh0nMT9rBT92YWccITJvf15gdjkkCBM9KWdVbmx%2FcVx8ZG9pTT8hLxoGKGZvf015NnghVnlgdWgJfGMuaFt%2FZnloVygxf2hfdDB%2Bclt%2BYSkmDn12MA
Requested by: Host: stfly.me
URL: https://stfly.me/service-worker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.206.71.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 64665ef4a9700943c28eeca576aa9c333f9a88d893ef8157325ccb4188e968ab

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e73b-EMyju09cSUE2HgjDG1G5sHgBIoo"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 header.jpg
shrtfly.com/ 69 KB
69 KB 20ms
15ms Image
image/jpeg 2606:4700:3035::681b:b97f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrtfly.com/header.jpg

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681b:b97f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad46bcc373832fe59626351343266f4c10a625c99ba868bfcd6f8b0f2eb69b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1434913
status: 200
content-length: 70376
cf-request-id: 04209d94a500001f4dfa193200000001
last-modified: Fri, 24 Apr 2020 04:18:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "112e8-5a401a8b65f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5b7acb9aaf7f1f4d-FRA
expires: Wed, 07 Jul 2021 13:35:54 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://stfly.me

Response headers

date: Wed, 08 Jul 2020 23:44:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 1312000
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:44:27 GMT

GET
H2 200 fontawesome-webfont.woff2
stfly.me/cloud_theme/build/fonts/ 75 KB
76 KB 15ms
15ms Font
font/woff2 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://stfly.me

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6441
status: 200
cf-request-id: 04209d94a20000d6ed9aa8d200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"12d68-5919a47413480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-ray: 5b7acb9a9ab8d6ed-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://stfly.me

Response headers

date: Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 99961
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 23 Jul 2021 00:25:06 GMT

GET
H2 200 743ba6fe8261e2e825d3f04c576e6571 Show response
upgulpinon.com/27/ 360 KB
118 KB 81ms
80ms Script
application/javascript 139.45.195.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://upgulpinon.com/27/743ba6fe8261e2e825d3f04c576e6571

Requested by

Host: upgulpinon.com
URL: https://upgulpinon.com/1?z=3381275

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.145 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

f77be9ed5e29dcb25d3a3aca4d9dcba7d1168359e9c5f58ba186a59e72c64b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 05:30:51 GMT
server: nginx
status: 200
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 12 Aug 2080 05:30:51 GMT

GET
H2 200 38 Show response
upgulpinon.com/42/ 0
461 B 129ms
128ms Script
text/plain 139.45.195.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/42/38?z=3381275
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/1?z=3381275
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:07 GMT
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fac.php
graizoah.com/ Frame 97E8 0
0 59ms
58ms Document
text/html 139.45.196.67
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://graizoah.com/fac.php

Requested by

Host: graizoah.com
URL: https://graizoah.com/apu.php?zoneid=3381289

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.67 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: graizoah.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://stfly.me/VegasPro16
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: OAID=4b9cbae140f14517a4c28ad1cf4a44cc; oaidts=1595563867
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/VegasPro16

Response headers

Server: nginx
Date: Fri, 24 Jul 2020 04:11:07 GMT
Content-Type: text/html; charset=utf8
Content-Length: 203
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: e4fdf9b66568a49d8a85177cce8adeaa
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 online.js Show response
static.lalaping.com/ 81 KB
32 KB 31ms
15ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/743ba6fe8261e2e825d3f04c576e6571
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4c1a5cb08881bd2e504662656c8b2007d4fd18b3ed716dee3a7ef9aec5e2c4

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jul 2020 11:58:43 GMT
server: cloudflare
age: 2960
etag: W/"5f05b4f3-14294"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b7acb9ccf4905e4-FRA
cf-request-id: 04209d95fe000005e4d9967200000001

POST
H2 204 9 Show response
upgulpinon.com/ 0
470 B 56ms
55ms XHR
text/plain 139.45.195.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://upgulpinon.com/9?z=3381275&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fstfly.me%2FVegasPro16&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by: Host: upgulpinon.com
URL: https://upgulpinon.com/27/743ba6fe8261e2e825d3f04c576e6571
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:07 GMT
server: nginx
status: 204
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://stfly.me
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 17ms
16ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
15ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 16ms
15ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 18ms
17ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 17ms
16ms Image
image/png 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: stfly.me
URL: https://stfly.me/VegasPro16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Fri, 24 Jul 2020 04:11:07 GMT

GET
H2 204 utx Show response
evatelyenu.club/ 0
406 B 245ms
138ms XHR
text/plain 52.222.174.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evatelyenu.club/utx?cb=PJO1AGuZxnyj&top=stfly.me&tid=881745
Requested by: Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:08 GMT
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://stfly.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 9e18oqQ3hAiaVBcrh4q8Z6a0BSSoRixOfc8eOjPHTuS6UttFPU4RaQ==

GET
H2 200 VDtZEwdVA1ADU3YsDSFjZQNjO3cLL04xUFEDbXJVAygDDXQHV3IvA148TgdheCoMG1ACNAEYdGJLBgB3YD8BB1h9LHAVTnYLcQxaaituL2d0OF0QWH0sUTtVZCN2CwNjOH4peGtbWhN+Wy9SGn9wD0NkXEABWjILUil5JGB+IX9wcFQn
evatelyenu.club/NEI2M25VIFVeUVV/VBUbRi4LFlxyZwR1Cgd0TFUUQDpQVQJZM1kdDVgtQ1cIRi1YR0BaJ0IWXHIjYF0geBR+UF98AWNKPXcLV39cWBJUWCQMG3N5GXMWUQQpZxh5eAZ5dHtwO3MFTEsFehFBVztnC3x/XFgEVXFWRQ1ecRxiEQIFKHM2dVE6Y... Frame 9706 0
0 228ms
139ms Document
text/html 52.222.174.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evatelyenu.club/NEI2M25VIFVeUVV/VBUbRi4LFlxyZwR1Cgd0TFUUQDpQVQJZM1kdDVgtQ1cIRi1YR0BaJ0IWXHIjYF0geBR+UF98AWNKPXcLV39cWBJUWCQMG3N5GXMWUQQpZxh5eAZ5dHtwO3MFTEsFehFBVztnC3x/XFgEVXFWRQ1ecRxiEQIFKHM2dVE6YRZ4dlsRcHBQCXkvfnAsRANcVDZ4KH9WIXYbQFAJfXFiWjcDBmILCH44YGA0cBQTASxRKVJJP2w2DnQEVxN/WQFwDWdyBFcXZ2Y4Wi5dewRTCnpZBmcYc34DehBkST9sMQFxJnoAU0oWZxhzfVhuAV5dPExvZFs2Wgx0VhRhCnxbVkELTnpecwF/VDtZEwdVA1ADU3YsDSFjZQNjO3cLL04xUFEDbXJVAygDDXQHV3IvA148TgdheCoMG1ACNAEYdGJLBgB3YD8BB1h9LHAVTnYLcQxaaituL2d0OF0QWH0sUTtVZCN2CwNjOH4peGtbWhN+Wy9SGn9wD0NkXEABWjILUil5JGB+IX9wcFQn
Requested by: Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash

Request headers

:method: GET
:authority: evatelyenu.club
:scheme: https
:path: /NEI2M25VIFVeUVV/VBUbRi4LFlxyZwR1Cgd0TFUUQDpQVQJZM1kdDVgtQ1cIRi1YR0BaJ0IWXHIjYF0geBR+UF98AWNKPXcLV39cWBJUWCQMG3N5GXMWUQQpZxh5eAZ5dHtwO3MFTEsFehFBVztnC3x/XFgEVXFWRQ1ecRxiEQIFKHM2dVE6YRZ4dlsRcHBQCXkvfnAsRANcVDZ4KH9WIXYbQFAJfXFiWjcDBmILCH44YGA0cBQTASxRKVJJP2w2DnQEVxN/WQFwDWdyBFcXZ2Y4Wi5dewRTCnpZBmcYc34DehBkST9sMQFxJnoAU0oWZxhzfVhuAV5dPExvZFs2Wgx0VhRhCnxbVkELTnpecwF/VDtZEwdVA1ADU3YsDSFjZQNjO3cLL04xUFEDbXJVAygDDXQHV3IvA148TgdheCoMG1ACNAEYdGJLBgB3YD8BB1h9LHAVTnYLcQxaaituL2d0OF0QWH0sUTtVZCN2CwNjOH4peGtbWhN+Wy9SGn9wD0NkXEABWjILUil5JGB+IX9wcFQn
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stfly.me/VegasPro16
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/VegasPro16

Response headers

status: 200
content-type: text/html
content-length: 1235
date: Fri, 24 Jul 2020 04:11:08 GMT
server: openresty/1.15.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: bFLtYU-qIfI32gEuXJkFa2LkSWsF6Dk7l8fkvKg5RkX7S8hYozU1dA==

GET
H2 204 utx Show response
evatelyenu.club/ 0
406 B 224ms
224ms XHR
text/plain 52.222.174.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evatelyenu.club/utx?cb=6vkDHAvDKOG9&top=stfly.me&tid=882588
Requested by: Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:09 GMT
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://stfly.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 82VKzmK00oWTfvs_17hyrfxa59hMSM_hjF-ZRLbAmrLf1kkdIi-0Ug==

GET
H2 200 CQ00PgwaDDMYHH9+PAoYJQwmKj4LGA0LBQ0lJwwcf348Hx8pdy0qYzk8MRg6BQ0eHxQLJkwYCxt2PQkYAyohCCoqKB4IAhgbMAEfJn8kFTYPKCAPFw0YMwgFBxsaBhwIHzkPCH8cNiEHBxYnKRoKGywpHCkpNw9+ISwjHCoFDR8EDxsbMAQZKTYhFTk6LzEhAAUNH...
evatelyenu.club/Tk51TU4vLBYgcS9zF2s7PCJIaHwIa0cLKn14Dys0OjYTKyIjPxpjLSIhACkoPCEbOWAgKwFofAgELCB2eioxKgwPCCweDDYXMhULJQ8iIX4AGjQPCwwbBi8YJgQmGjc2HzIOIioPPQh5DX0eCgYmFyMVCyUFJwwAFAkZdCgdGEUsGX93EAUmG... Frame 3DC3 0
0 223ms
223ms Document
text/html 52.222.174.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evatelyenu.club/Tk51TU4vLBYgcS9zF2s7PCJIaHwIa0cLKn14Dys0OjYTKyIjPxpjLSIhACkoPCEbOWAgKwFofAgELCB2eioxKgwPCCweDDYXMhULJQ8iIX4AGjQPCwwbBi8YJgQmGjc2HzIOIioPPQh5DX0eCgYmFyMVCyUFJwwAFAkZdCgdGEUsGX93EAUmGC00CwcDGx46HQ8IOwcbHzkwGQ8qGzY6HBQPN3kWCikgFxg2KTIbDCYUJ3x/a3w3HBwUHSYqPgsLNHUBGTZEGggpDDkFDH8cOR9/CQ00PgwaDDMYHH9+PAoYJQwmKj4LGA0LBQ0lJwwcf348Hx8pdy0qYzk8MRg6BQ0eHxQLJkwYCxt2PQkYAyohCCoqKB4IAhgbMAEfJn8kFTYPKCAPFw0YMwgFBxsaBhwIHzkPCH8cNiEHBxYnKRoKGywpHCkpNw9+ISwjHCoFDR8EDxsbMAQZKTYhFTk6LzEhAAUNHh8CDzkZFwwiCD0VFnsMNnwYDA1FBCsIfz8uHDk6JwkiewY0HAwZFjADLxg5BSkLIjYUDikiCjZ8FwANJw8tGw8BKQgpaB8+ISA+SC4WJjQzKDoHFxEMPA
Requested by: Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash

Request headers

:method: GET
:authority: evatelyenu.club
:scheme: https
:path: /Tk51TU4vLBYgcS9zF2s7PCJIaHwIa0cLKn14Dys0OjYTKyIjPxpjLSIhACkoPCEbOWAgKwFofAgELCB2eioxKgwPCCweDDYXMhULJQ8iIX4AGjQPCwwbBi8YJgQmGjc2HzIOIioPPQh5DX0eCgYmFyMVCyUFJwwAFAkZdCgdGEUsGX93EAUmGC00CwcDGx46HQ8IOwcbHzkwGQ8qGzY6HBQPN3kWCikgFxg2KTIbDCYUJ3x/a3w3HBwUHSYqPgsLNHUBGTZEGggpDDkFDH8cOR9/CQ00PgwaDDMYHH9+PAoYJQwmKj4LGA0LBQ0lJwwcf348Hx8pdy0qYzk8MRg6BQ0eHxQLJkwYCxt2PQkYAyohCCoqKB4IAhgbMAEfJn8kFTYPKCAPFw0YMwgFBxsaBhwIHzkPCH8cNiEHBxYnKRoKGywpHCkpNw9+ISwjHCoFDR8EDxsbMAQZKTYhFTk6LzEhAAUNHh8CDzkZFwwiCD0VFnsMNnwYDA1FBCsIfz8uHDk6JwkiewY0HAwZFjADLxg5BSkLIjYUDikiCjZ8FwANJw8tGw8BKQgpaB8+ISA+SC4WJjQzKDoHFxEMPA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stfly.me/VegasPro16
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/VegasPro16

Response headers

status: 200
content-type: text/html
content-length: 1262
date: Fri, 24 Jul 2020 04:11:09 GMT
server: openresty/1.15.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: qNgK1IQ_GIMfI7qUmN8r_1mnLZOiVhcp5FV_cxL0zBRnVADzwd74bA==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: graizoah.com
URL: https://graizoah.com/apu.php?zoneid=3381289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://stfly.me

Response headers

date: Tue, 14 Jul 2020 13:19:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 831091
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Wed, 14 Jul 2021 13:19:38 GMT

GET
H2 200 footer.jpg
stfly.me/cloud_theme/build/img/ 20 KB
20 KB 10ms
10ms Image
image/jpeg 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stfly.me/cloud_theme/build/img/footer.jpg

Requested by

Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab8db1a3831ba9c9d8b3400271ec0f0c54c4c9eb560ff0fc318dba077521209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:09 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1256271
status: 200
content-length: 20644
cf-request-id: 04209d9c190000d6ed9ab02200000001
last-modified: Sat, 09 May 2020 01:24:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "50a4-5a52cf97581b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5b7acba68b50d6ed-FRA
expires: Fri, 09 Jul 2021 15:13:18 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
907 B 58ms
15ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ef8c1badab58d7d913f20bb41d9941190f3afd6bc7041734366b48098f492ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Fri, 24 Jul 2020 04:11:09 GMT

GET
H2 200 script.min.js Show response
stfly.me/cloud_theme/build/js/ 202 KB
57 KB 23ms
23ms Script
application/javascript 2606:4700:3037::681f:53b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stfly.me/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::681f:53b5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1256271
status: 200
vary: Accept-Encoding,User-Agent
cf-request-id: 04209d9c260000d6ed9ab03200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
etag: W/"32956-5919a47413480-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cf-ray: 5b7acba6ab7ad6ed-FRA
expires: Sat, 08 Aug 2020 15:13:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108199505-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed5b6b5b97c44b8880afa3bee23f529e4aa4b8a23664ec1eba7904010bc051e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:09 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34212
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jul 2020 04:11:09 GMT

GET
H2 200 popunder.gif
edcredition.club/ 35 B
365 B 239ms
139ms Image
image/gif 52.222.174.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edcredition.club/popunder.gif
Requested by: Host: stfly.me
URL: https://stfly.me/VegasPro16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.159 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Fri, 24 Jul 2020 04:11:09 GMT
content-encoding: gzip
x-amz-cf-pop: FRA54
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 7419ebe6dc61a036c7f081375facfd52.cloudfront.net (CloudFront)
x-amz-cf-id: UoiAPDXgsLIxhgRpvqXRYhgdQEsox91rhpsidTjKI2VjvAKHY8xrgA==

GET
H2 200 floater Show response
evatelyenu.club/ 4 KB
3 KB 651ms
650ms XHR
text/plain 52.222.174.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://evatelyenu.club/floater?tid=881745&red=1&cs=c0hYQ0ZCfmp3f0ctanZ%2BR347enZD&abt=0&v=0.5.40.3&sm=83&k=free%20your%20website%20highest%20shrtfly%20best%20links%20link%20short%20paid%20earn%20money%20shortener&sts=0&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fstfly.me%2FVegasPro16&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_5BHn=1595563869805&crc=1
Requested by: Host: d36zfztxfflmqo.cloudfront.net
URL: https://d36zfztxfflmqo.cloudfront.net/?tzfzd=881745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: c069bb92573e9ff7e95e5979a976a313c29859ebb98991b899a109eda9c2ef16

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:10 GMT
content-encoding: gzip
server: openresty/1.15.8.2
x-amz-cf-pop: FRA54
status: 200
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://stfly.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 2079
via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
x-amz-cf-id: xNCEhofsJsw0UPTtuiP660nuqLV0k30RYWpK6qFX_bUtcRsYdSgwFw==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/ 330 KB
130 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 20 Jul 2020 16:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 04:04:52 GMT
server: sffe
age: 300709
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133183
x-xss-protection: 0
expires: Tue, 20 Jul 2021 16:39:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108199505-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6930
date: Fri, 24 Jul 2020 02:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 24 Jul 2020 04:15:39 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1786363191&t=pageview&_s=1&dl=https%3A%2F%2Fstfly.me%2FVegasPro16&ul=en-us&de=UTF-8&dt=ShrtFly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IE...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-108199505-1&cid=1031702691.1595563870&jid=1723611529&_gid=1287588839.1595563870&gjid=1856527812&_v=j83&z=53192993

35 B
99 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-108199505-1&cid=1031702691.1595563870&jid=1723611529&_gid=1287588839.1595563870&gjid=1856527812&_v=j83&z=53192993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jul 2020 04:11:09 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jul 2020 04:11:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-108199505-1&cid=1031702691.1595563870&jid=1723611529&_gid=1287588839.1595563870&gjid=1856527812&_v=j83&z=53192993
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 7BD9 0
0 25ms
25ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&co=aHR0cHM6Ly9zdGZseS5tZTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=iszr5lga2cjk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IdqsxKkCF93OhlKt9+GDaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&co=aHR0cHM6Ly9zdGZseS5tZTo0NDM.&hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&size=normal&cb=iszr5lga2cjk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stfly.me/VegasPro16
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/VegasPro16

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Jul 2020 04:11:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-IdqsxKkCF93OhlKt9+GDaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10283
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
395 B 193ms
85ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stfly.me/VegasPro16
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Fri, 24 Jul 2020 04:11:10 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://stfly.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 4533 0
0 16ms
16ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&cb=bfovj9z6lhfd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8WWNwsCvXtk22_oRSVCCZx9/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Zjy5HW184EW8uGzu86mTSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=r8WWNwsCvXtk22_oRSVCCZx9&k=6Ld-6TAUAAAAAKL0saU0Slb5ONwZmAbRGjyEbceW&cb=bfovj9z6lhfd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://stfly.me/VegasPro16
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://stfly.me/VegasPro16

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Jul 2020 04:11:10 GMT
content-security-policy: script-src 'report-sample' 'nonce-Zjy5HW184EW8uGzu86mTSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET thumbnail
xml.realtime-bid.com/ 0
0

GET
H2

200

300x300_dOIx9XwUt3scFXArorrf.png
static.realtime-bid.com/n337/ad/ Frame BEE5
Redirect Chain

https://xml.realtime-bid.com/thumbnail?i=p6Ld5NhbaQ8_0&imgt=icon
https://static.realtime-bid.com/n337/ad/300x300_dOIx9XwUt3scFXArorrf.png

46 KB
46 KB

108ms
31ms

Image
image/png

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.realtime-bid.com/n337/ad/300x300_dOIx9XwUt3scFXArorrf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: e54c92c0bee7583c4b5a696efa35c36e857f45e7f36282e263ffa04814cdf8ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:12 GMT
last-modified: Sat, 18 Jul 2020 14:22:57 GMT
server: nginx
etag: "5f1305c1-b8c9"
status: 200
x-hw: 1595563872.cds071.sk1.hn,1595563872.cds032.sk1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 47305

Redirect headers

Location: https://static.realtime-bid.com/n337/ad/300x300_dOIx9XwUt3scFXArorrf.png
Date: Fri, 24 Jul 2020 04:11:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame BEE5 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

192x192_NOpFLsHou8g8VV0CUg5q.jpeg
static.realtime-bid.com/n337/ad/ Frame BEE5
Redirect Chain

https://xml.realtime-bid.com/thumbnail?i=YOVE0m4C4BI_1&imgt=icon
https://static.realtime-bid.com/n337/ad/192x192_NOpFLsHou8g8VV0CUg5q.jpeg

3 KB
3 KB

32ms
31ms

Image
image/jpeg

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.realtime-bid.com/n337/ad/192x192_NOpFLsHou8g8VV0CUg5q.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: d79e32546f6c4dff63c31b09b489194519bf07d36ab5bf893212ee6d49e02535

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 24 Jul 2020 04:11:15 GMT
last-modified: Wed, 22 Jul 2020 21:55:00 GMT
server: nginx
etag: "5f18b5b4-a04"
status: 200
x-hw: 1595563875.cds071.sk1.hn,1595563875.cds054.sk1.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2564

Redirect headers

Location: https://static.realtime-bid.com/n337/ad/192x192_NOpFLsHou8g8VV0CUg5q.jpeg
Date: Fri, 24 Jul 2020 04:11:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.realtime-bid.com
URL: https://xml.realtime-bid.com/thumbnail?i=p6Ld5NhbaQ8_0&imgt=icon

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
evatelyenu.club/	1970-01-19 11:12:43	Name: ut Value: x
graizoah.com/	1970-01-19 19:58:19	Name: oaidts Value: 1595563867
stfly.me/	1970-01-19 19:51:07	Name: lang Value: en_US
stfly.me/	1969-12-31 23:59:59	Name: csrfToken Value: c38a518f7660b2ee6af7d30cfc0ef32b12f0bba5758b99c313bc7300e689a9f4d54d0f1fb530d319ffafcefee59e22e96795e7d363a3e90c987596aa56d8e734
graizoah.com/	1970-01-19 19:58:19	Name: OAID Value: 4b9cbae140f14517a4c28ad1cf4a44cc
stfly.me/	1969-12-31 23:59:59	Name: AppSession Value: c7sjo3kubrundlei9lgapi575s
.stfly.me/	1970-01-19 11:55:55	Name: __cfduid Value: dc02eb931ce26ee0355e545cc2b2ad8841595563866

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
d36zfztxfflmqo.cloudfront.net
edcredition.club
evatelyenu.club
fonts.googleapis.com
fonts.gstatic.com
graizoah.com
i.imgur.com
o.wowreality.info
shrtfly.com
static.lalaping.com
static.realtime-bid.com
stats.g.doubleclick.net
stfly.io
stfly.me
tabookbusines.info
upgulpinon.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
xml.realtime-bid.com
xml.realtime-bid.com
13.35.253.201
139.45.195.145
139.45.195.254
139.45.196.67
151.101.112.193
151.139.128.11
198.134.116.29
2606:4700:20::681a:97b
2606:4700:3030::6812:3cad
2606:4700:3035::681b:b97f
2606:4700:3037::681f:53b5
2606:4700::6810:85e5
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:400c:c00::9b
52.206.71.220
52.222.174.108
52.222.174.159
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
459e6ccc3540a3c58eb3a0b70e3b8612f22332430791139de446bc1db0b75a5c
4ab8db1a3831ba9c9d8b3400271ec0f0c54c4c9eb560ff0fc318dba077521209
55c8a115544d308e12907ffb8e012af90c4fd8b570f7fe739819e3cc3a565f8e
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5b41b976c2376e4d5626e69295ff0156369e66a82a49877a979d74ea192ebf03
61394e856497a7705a004cb627296445fe074d1f78b10ab81071915059b5a926
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
64665ef4a9700943c28eeca576aa9c333f9a88d893ef8157325ccb4188e968ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8d1277d5d5fad7fd40a7ad08ac251304d4c4db03607b152a6b99489837911afd
8d4c1a5cb08881bd2e504662656c8b2007d4fd18b3ed716dee3a7ef9aec5e2c4
8ef8c1badab58d7d913f20bb41d9941190f3afd6bc7041734366b48098f492ae
90a3da07bde6febf9a630f2d00a543f3a9513df59a7262bd70bfe8d69f61a68b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ad46bcc373832fe59626351343266f4c10a625c99ba868bfcd6f8b0f2eb69b0a
b07896066a93d42080d1e46f1258421a2b89a91be490e4a53d33aa86604f8329
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bcd3623b2be5c416ac406ce48aa552622b1f3a088423d2f57bea8bc5dc2ef5af
c069bb92573e9ff7e95e5979a976a313c29859ebb98991b899a109eda9c2ef16
c59ab44d281e304245d6aaf1699661931145b1e31d11e3222c6a1dacf4e5ea63
d79e32546f6c4dff63c31b09b489194519bf07d36ab5bf893212ee6d49e02535
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54c92c0bee7583c4b5a696efa35c36e857f45e7f36282e263ffa04814cdf8ff
ed26d7c4fc56c6f4e28024665daff8015fc9c0a7ec450f2b858f88d0591f0a4f
ed5b6b5b97c44b8880afa3bee23f529e4aa4b8a23664ec1eba7904010bc051e0
f5e2946ff0ae6604c6e19b9b9c7ac96afcacd0c3fd3935d22d538cfe041413f8
f77be9ed5e29dcb25d3a3aca4d9dcba7d1168359e9c5f58ba186a59e72c64b86
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

stfly.me Open in urlscan Pro 2606:4700:3037::681f:53b5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

55 %IPv6

21 Domains

23 Subdomains

21 IPs

4 Countries

1089 kBTransfer

2280 kBSize

7 Cookies

12 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stfly.me Open in urlscan Pro
2606:4700:3037::681f:53b5 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

55 %
IPv6

21
Domains

23
Subdomains

21
IPs

4
Countries

1089 kB
Transfer

2280 kB
Size

7
Cookies

49 HTTP transactions
1 data transactions