jefans.com Open in urlscan Pro
91.223.82.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://jefans.com/
Submission: On November 11 via manual (November 11th 2021, 11:00:42 am UTC) from RO — Scanned from DE

Summary HTTP 160 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 44 IPs in 4 countries across 38 domains to perform 160 HTTP transactions. The main IP is 91.223.82.6, located in Netherlands and belongs to IWSNET, SE. The main domain is jefans.com.

This is the only time jefans.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	91.223.82.6 91.223.82.6	199968 (IWSNET) (IWSNET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:394	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	172.255.6.123 172.255.6.123	7979 (SERVERS-COM) (SERVERS-COM)
5	2606:4700:303... 2606:4700:3033::ac43:90e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.193.41 35.186.193.41	15169 (GOOGLE) (GOOGLE)
3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
15	2606:4700:20:... 2606:4700:20::681a:294	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2606:4700:303... 2606:4700:3038::6815:eb72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	87.245.235.49 87.245.235.49	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
3	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	2600:9000:215... 2600:9000:2156:9000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
5	188.72.201.207 188.72.201.207	35415 (WEBZILLA) (WEBZILLA)
2	2600:9000:215... 2600:9000:2156:9400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
4	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.22 18.66.97.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
160	44

35 91.223.82.6 (Netherlands)

ASN199968 (IWSNET, SE)
PTR: pink.warez-host.com

jefans.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:394 (United States)

ASN13335 (CLOUDFLARENET, US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.123 (Netherlands)

ASN7979 (SERVERS-COM, US)

lambingsyddir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:90e8 (United States)

ASN13335 (CLOUDFLARENET, US)

acscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.41 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 41.193.186.35.bc.googleusercontent.com

www.linkonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl15874460.topprofitablegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.displaycontentprofit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl15874460.highperformancecpm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:20::681a:294 (United States)

ASN13335 (CLOUDFLARENET, US)

biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb72 (United States)

ASN13335 (CLOUDFLARENET, US)

crrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.245.235.49 (United Kingdom)

ASN9002 (RETN-AS, GB)

perf.cdnads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

ashoupsu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.72.201.207 (Netherlands)

ASN35415 (WEBZILLA, NL)

interst12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.22 (United States)

ASN16509 (AMAZON-02, US)

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	jefans.com jefans.com	570 KB
17	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com assets.bilsyndication.com logs.bilsyndication.com	1 MB
10	pseepsie.com pseepsie.com	65 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	182 KB
6	toglooman.com toglooman.com	128 KB
6	dozubatan.com dozubatan.com	29 KB
5	interst12.com interst12.com	159 KB
5	youradexchange.com youradexchange.com	4 KB
5	acscdn.com acscdn.com	35 KB
4	littlecdn.com littlecdn.com	35 KB
4	consensu.org test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	161 KB
4	rtmark.net my.rtmark.net	2 KB
4	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	122 KB
4	onesignal.com cdn.onesignal.com onesignal.com	75 KB
3	propeller-tracking.com propeller-tracking.com	4 KB
3	ashoupsu.com ashoupsu.com	28 KB
3	crrepo.com crrepo.com	189 KB
3	jouteetu.net jouteetu.net	45 KB
3	linkonclick.com www.linkonclick.com	5 KB
2	cdnativepush.com static.cdnativepush.com	5 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	highperformancecpm.com pl15874460.highperformancecpm.com
2	topprofitablegate.com pl15874460.topprofitablegate.com
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	124 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	cdnads.com perf.cdnads.com	323 B
1	googletagservices.com www.googletagservices.com	27 KB
1	onmarshtompor.com onmarshtompor.com	2 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	636 B
1	bedrapiona.com bedrapiona.com	2 KB
1	displaycontentprofit.com www.displaycontentprofit.com
1	iclickcdn.com iclickcdn.com	23 KB
1	lambingsyddir.com lambingsyddir.com
1	googletagmanager.com www.googletagmanager.com	36 KB
160	38

	Domain	Requested by
35	jefans.com	jefans.com
13	assets.bilsyndication.com	biltag.bilsyndication.com jefans.com
10	pseepsie.com	iclickcdn.com pseepsie.com jefans.com
6	toglooman.com	iclickcdn.com toglooman.com
6	dozubatan.com	iclickcdn.com dozubatan.com
6	pagead2.googlesyndication.com	jefans.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	interst12.com	toglooman.com interst12.com
5	youradexchange.com	acscdn.com jefans.com
5	acscdn.com	jefans.com acscdn.com
4	littlecdn.com	interst12.com
4	my.rtmark.net	iclickcdn.com dozubatan.com jefans.com
3	propeller-tracking.com	interst12.com propeller-tracking.com
3	ashoupsu.com	jefans.com ashoupsu.com
3	crrepo.com	www.linkonclick.com jefans.com
3	jouteetu.net	jefans.com jouteetu.net
3	www.linkonclick.com	jefans.com www.linkonclick.com
3	cdn.onesignal.com	jefans.com cdn.onesignal.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	quantcast.mgr.consensu.org	assets.bilsyndication.com
2	static.cdnativepush.com	jefans.com dozubatan.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pl15874460.highperformancecpm.com	jefans.com
2	pl15874460.topprofitablegate.com	jefans.com
2	services.bilsyndication.com	jefans.com services.bilsyndication.com
1	www.google.com	tpc.googlesyndication.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	test.quantcast.mgr.consensu.org	assets.bilsyndication.com
1	pixel.wp.com	jefans.com
1	logs.bilsyndication.com	jefans.com
1	cdn.jsdelivr.net	assets.bilsyndication.com
1	perf.cdnads.com	jefans.com
1	imasdk.googleapis.com	biltag.bilsyndication.com
1	www.googletagservices.com	biltag.bilsyndication.com
1	onmarshtompor.com	iclickcdn.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	onesignal.com	cdn.onesignal.com
1	biltag.bilsyndication.com	services.bilsyndication.com
1	bedrapiona.com	iclickcdn.com
1	www.displaycontentprofit.com	jefans.com
1	iclickcdn.com	jefans.com
1	stats.wp.com	jefans.com
1	lambingsyddir.com	jefans.com
1	www.googletagmanager.com	jefans.com
1	fonts.googleapis.com	jefans.com
160	49

This site contains links to these domains. Also see Links.

Domain
valueimpression.com
wenthemes.com
youradexchange.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
bedrapiona.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
bilsyndication.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
dozubatan.com R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
pseepsie.com R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
toglooman.com R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
cdnativepush.com R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
quantcast.mgr.consensu.org R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
jouteetu.net R3	`2021-09-26` - `2021-12-25`	3 months	crt.sh
interst12.com R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-22` - `2022-11-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://jefans.com/
Frame ID: 5B38CE9A42A6B7BA75C51F558D85FA65
Requests: 132 HTTP requests in this frame

Frame: http://www.linkonclick.com/ad/display.php?stamat=m%257C%252Co43frYierB1dAN0dEdHP3xP.b60%252CZMkKdRAQlkuDbgTABrav5HX28Nykz1zmncZRIDrLIVnSYXbPiXC27hfR5ksw0H4pEhYV8HuM-lTGkL78EhfKDp4D0xvEe6R_onlrzgR4Z2U%252C&cbur=0.3784470095622259&cbtitle=Jefans%20%E2%80%93%20Sports%20Streams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Frame ID: D3411D058FDA8C3C94D8F08FE12A3683
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Frame ID: 26D1A4FB3ED9E6571528BB1867AA5B67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1506247068141695&output=html&adk=1812271804&adf=3025194257&lmt=1636628433&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjefans.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1636628433672&bpp=10&bdt=592&idt=147&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1216004940269&frm=20&pv=2&ga_vid=1457100288.1636628434&ga_sid=1636628434&ga_hid=888364780&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063689%2C44748553&oid=2&pvsid=289985372373289&pem=162&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: D9A987F8D870BF1EA9042C349938D429
Requests: 1 HTTP requests in this frame

Frame: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 65DC4AD17868225D8E6D28B11123D08C
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 420EEA189B61F82FC38DF1A54D274CB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D530E413DFBE7ACCA7EA27F3B1A1AD57
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C756DEE250C8A365FDA48E6093BC9502
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Frame ID: 040C720FCAA92D77F4FB0E78A86DE605
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jefans – Sports Streams

Page Statistics

160
Requests

49 %
HTTPS

51 %
IPv6

38
Domains

49
Subdomains

44
IPs

4
Countries

3434 kB
Transfer

7581 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://valueimpression.com/?ref=jefans.com

Search URL Search Domain Scan URL

URL: https://wenthemes.com/
Title: WEN Themes

Search URL Search Domain Scan URL

URL: http://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: http://youradexchange.com/do/c.php?stamat=m%257C%252C%252CQ2Ji43K2tGU3BE9GH0dEdHP3xP.be1%252ChoAVSB7OJHjcdA7aCntW-yzBANaThCvUO9nFaXBhHPBO1ohEmiUgMqzhbENkKrusp-Ij6uRHYAG5GNtIItFC913NjmhAIdatsujhipzHcChRgZSfX_COMBqjBSkeMXLlTyD8hQ0djs4bAbB-8jqQHpopoWHGUE28GJULY9f5tI3t8q4PV7d7DdG7Ia-rWIzMva61YX3tBquVI4g-Flu7rf50SeKVF6WsPTm_swfdM8yIpmhnuK-L9LpzB7r-xQLxrkQ3uzD0zUG4KaYVPpjES-x91I7FaEWGPJP1D3TZ973r5vQE8oBvaOQrjv-2YoSMDqX3FfS1a789TPkh6Af6yVvdjg46KreyVCZHz4N8E1CQ0G0akL2CiiXM01upVeUfFG_BcADRFwIrzWeGTE-0ASu0zx9GllSViOiP-SG3T4k%252C
Title: Go to website

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

160 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jefans.com/ 190 KB
53 KB 488ms
414ms Document
text/html 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: b1120d33c5555905f10c16db625451efe382d21e8091a46b00a9791005f6a213

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
link: <http://jefans.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 11 Nov 2021 11:00:32 GMT
server: LiteSpeed

GET
H/1.1 200
OK style.min.css
jefans.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 32ms
22ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 10:55:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 10406
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK mediaelementplayer-legacy.min.css
jefans.com/wp-includes/js/mediaelement/ 11 KB
3 KB 34ms
23ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 18:34:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2573
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK wp-mediaelement.min.css
jefans.com/wp-includes/js/mediaelement/ 4 KB
1 KB 34ms
23ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Sat, 08 Jun 2019 00:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1145
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK bzicons.css
jefans.com/wp-content/plugins/beezplayerpro/player/css/font/ 54 KB
8 KB 34ms
22ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/plugins/beezplayerpro/player/css/font/bzicons.css?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: e8f37268f357d88fc2074ff147ee4649fb2067921719f771537dbdc98dd614d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 08:21:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 8038
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK style.css
jefans.com/wp-content/themes/magazine-plus/ 86 KB
14 KB 32ms
20ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/style.css?ver=2.0.3
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 6b14209e4ac3cc0145c675fdfa636c2b1823ce5b6d437d06bc3d7f6df73e24ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 14423
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK style.css
jefans.com/wp-content/themes/moto-news/ 11 KB
3 KB 51ms
14ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/moto-news/style.css?ver=1.0.1
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 9f3923a90b38fb5a7be614b5a2fe30e39a30c4b78f7c059cc119fd03e10a2b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Thu, 15 Oct 2020 12:02:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3015
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK font-awesome.min.css
jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/css/ 30 KB
7 KB 60ms
20ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6875
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 62ms
19ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db8821659f8bb147f331d30c9eecc50951e045b5e4210785a9afa9ed8afcd9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 11:00:33 GMT
server: ESF
date: Thu, 11 Nov 2021 11:00:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 11:00:33 GMT

GET
H/1.1 200
OK jetpack.css
jefans.com/wp-content/plugins/jetpack/css/ 85 KB
17 KB 61ms
20ms Stylesheet
text/css 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/plugins/jetpack/css/jetpack.css?ver=10.3
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 15:38:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 16683
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK video.min.js Show response
jefans.com/wp-content/plugins/beezplayerpro/player/js/ 385 KB
107 KB 62ms
16ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/plugins/beezplayerpro/player/js/video.min.js?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 7ba8765927c4784f8d3d7acc4f00a47de9a2c3e47eeceb5da74843e6efad22f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 08:21:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 108707
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK flash.min.js Show response
jefans.com/wp-content/plugins/beezplayerpro/player/js/ 8 KB
3 KB 61ms
16ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/plugins/beezplayerpro/player/js/flash.min.js?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 90f67af89f96997de24b69225c764611b1bca9ca4b9d2129e4626ca128097a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 08:21:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3117
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK jquery.min.js Show response
jefans.com/wp-includes/js/jquery/ 87 KB
31 KB 61ms
16ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 10:55:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 30900
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
jefans.com/wp-includes/js/jquery/ 11 KB
4 KB 93ms
21ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 18:34:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4165
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK / Show response
services.bilsyndication.com/adv1/ 951 B
2 KB 189ms
171ms Script
application/javascript 2606:4700:20::681a:394
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://services.bilsyndication.com/adv1/?q=85124cb0cdb231f08ce8dde5cc59207d
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44cf1e18bda7ae6f231b4ff884f891b05cc173cae45defa98274c16a6bdc71f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
CF-RAY: 6ac7047cbf730f52-MXP
Pragma: no-cache
Last-Modified: Thu, 11 Nov 2021 11:00:33 GMT
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swSv9rTTae54QqTljoMkJmo7HaKlWcZ3gcDWPatinv%2Fm71n1XXWt9GHKVyU6IcUlbMeA8jNP0uvlwkbbtyL3a3rGLTfHP6SksfNfMG7tp7OwpcRARvMYmEMtpi5xoR3KPfWMSt5Cn3yJdjaUSPl6L59OTuPG81j%2BcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 57ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139142569-1

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8de541c3a5a5779a4d58a53e72109a7916ada1b069359d87602ec98c1cf0ac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36361
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 11:00:33 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 75ms
19ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1425
etag: W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ac7047ccf6642e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 11:00:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 121ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

822950eadfe1b0ea18ebd5550c5494e0164e8fae9fcb92b9fe61502bbf378032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51296
x-xss-protection: 0
server: cafe
etag: 18332223740772276371
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 11:00:33 GMT

GET
H/1.1 200
OK 42121 Show response
lambingsyddir.com/gRuiSp44JgfP1HWIq/ 0
0 67ms
23ms Script
text/html 172.255.6.123
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://lambingsyddir.com/gRuiSp44JgfP1HWIq/42121
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 172.255.6.123 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK atg.js Show response
acscdn.com/script/ 18 KB
6 KB 83ms
64ms Script
text/javascript 2606:4700:3033::ac43:90e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/atg.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:90e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc99da913f75c9039bf70c07a07c1c69f319f92e7fec9b6505a3adde456004fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=IANIvw==, md5=blBIuijW7MkVxn7rsha6dA==
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2561
x-guploader-uploadid: ADPycdvi7zyM9m1g7L3IcBvJpB0AE4lboRnl6GdCOUbvG-5Aj93hpMobE4WaVPQUMS-I0pEQLBJaQ3VEUQfj-VDodgXSXL_m1Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Nov 2021 12:03:38 GMT
Server: cloudflare
etag: W/"6e5048ba28d6ecc915c67eebb216ba74"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5M0gcbqMR%2B1Deca%2FJxzV%2FpKu7v72Di2BKRgl8BgZQxXHF1FSy8FO6xoJhxVsDDrdh2i9KeO9WqbvocKvsBDeaD8iRmdi%2BXqdMSX%2F2qfISNP%2BUHfA8Dqe1wCEFF%2FDQEG532Txy%2F%2BdoNV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635941018676545
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 18281
CF-RAY: 6ac7047b7fc4f923-MXP
expires: Thu, 11 Nov 2021 10:21:16 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
jefans.com/wp-includes/js/ 18 KB
5 KB 17ms
14ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 21 Jul 2021 10:55:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4890
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK display.php Show response
www.linkonclick.com/a/ 6 KB
3 KB 166ms
129ms Script
application/javascript 35.186.193.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.linkonclick.com/a/display.php?r=2522091
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 41.193.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 6a905caad4c39cd893b070964a2f151975e82ff19852ad8510c8b45e7deccd1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 403
Forbidden f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
pl15874460.topprofitablegate.com/f6/bc/c3/ 0
0 491ms
197ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15874460.topprofitablegate.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:33 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 403
Forbidden f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
pl15874460.highperformancecpm.com/f6/bc/c3/ 0
0 243ms
185ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15874460.highperformancecpm.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:33 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK adblock.png
jefans.com/wp-content/plugins/monitor-adblock/ 61 KB
61 KB 18ms
15ms Image
image/png 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/plugins/monitor-adblock/adblock.png
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 400f47b94ac4b3fea4a1e1551cf2f87847fdd9aa75b58bf3a8404048cd2553f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Sat, 20 Jun 2020 19:02:05 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 61964
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK ntfc.php Show response
jouteetu.net/ 15 KB
6 KB 48ms
13ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://jouteetu.net/ntfc.php?p=3008391
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d9dd92d5c8e808e7d6e44ea23104f3fd299da48f1c926968ab4336bd8188e737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 14:40:12 GMT
Server: nginx
ETag: W/"61829f4c-3b43"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK skip-link-focus-fix.min.js Show response
jefans.com/wp-content/themes/magazine-plus/js/ 557 B
693 B 15ms
14ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/js/skip-link-focus-fix.min.js?ver=20130115
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 818266fe4b7bbf0fe187b6190933c99af05829f70c2d6023acab03f8af5a59b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 309
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK navigation.min.js Show response
jefans.com/wp-content/themes/magazine-plus/js/ 6 KB
2 KB 15ms
15ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/js/navigation.min.js?ver=20200527
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: efe96b925aac113eab9c6cdc355ef07ee9a832442ac638961f025f814c55833b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1249
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK jquery.easytabs.min.js Show response
jefans.com/wp-content/themes/magazine-plus/third-party/easytabs/js/ 9 KB
3 KB 15ms
15ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/easytabs/js/jquery.easytabs.min.js?ver=3.2.0
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3017
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK jquery.cycle2.min.js Show response
jefans.com/wp-content/themes/magazine-plus/third-party/cycle2/js/ 22 KB
7 KB 15ms
15ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7091
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK jquery.easy-ticker.min.js Show response
jefans.com/wp-content/themes/magazine-plus/third-party/ticker/ 3 KB
2 KB 15ms
15ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/ticker/jquery.easy-ticker.min.js?ver=2.0
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: e708fe12174d8be13093cdb95f27dbb23e1c1f5ecf15cf06d18af852679acee7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1161
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK custom.min.js Show response
jefans.com/wp-content/themes/magazine-plus/js/ 551 B
756 B 15ms
14ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/js/custom.min.js?ver=1.0.4
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 75a320b2b64363aa196daa7260f22679b2efc3f9be2c58cf0e8448ac111a962e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 372
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
jefans.com/wp-includes/js/ 1 KB
1 KB 17ms
14ms Script
application/javascript 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 07:10:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 769
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 52ms
13ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.2
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2723
etag: W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ac7047ccf6d42e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 11:00:33 GMT

GET
H2 200 e-202145.js Show response
stats.wp.com/ 9 KB
3 KB 49ms
5ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202145.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT hhn
date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Thu, 10 Nov 2022 15:18:57 GMT

GET
BLOB 200
OK c7a90142-e7ce-4c59-a9bb-2fa4b76e656a
http://jefans.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://jefans.com/c7a90142-e7ce-4c59-a9bb-2fa4b76e656a
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 64 KB
23 KB 62ms
21ms Script
text/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09caef499825d621b4d50291fb2bd9333c915ebad77c1ee6a859345c9046cfc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 72545
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: c7ed50852e17b7f4f21dc5ae8c6391e4
pragma: no-cache
last-modified: Mon, 08 Nov 2021 15:10:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqEWv6%2BGJoHulH4aIFHMCFUbUDLY0Ox7Ex0aCmnzzs1Q5%2FLpRc9aBguc3rTzhR1BX6l%2BFiWy29%2FHmDpzIsAI64vxY7STloDlT51OVe%2BFN7l3oyQFZuhAVt1HU1MUuiyWSra5Z3Exiy%2BydWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6ac7047cfdde6964-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Thu, 11 Nov 2021 14:51:28 GMT

GET
H/1.1 200
OK ut.js Show response
acscdn.com/script/ 15 KB
6 KB 47ms
38ms Script
text/javascript 2606:4700:3033::ac43:90e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/ut.js?cb=1636628433323
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:90e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=pSNYBg==, md5=kgSAZFBHwrKCoEisuF+d8w==
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 867
x-guploader-uploadid: ADPycdtrF9RGmSSckpvZ2jV5iJodlmefyR3VtQXGJ_eGG4mcf8jpfuyWN09TjhK8MyDjUE7tmLq4oLIRlocklR5hjEKqi8ABQg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:11 GMT
Server: cloudflare
etag: W/"920480645047c2b282a048acb85f9df3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwMmU67WHSmDdXb6Ck2OjB3qkEYM%2FQFy%2F3DZU6lz%2BZVO%2FcfVd99rv6ytZv56v9T4VE%2BN%2F2hSyRHbsDjAXFNeUzeGqqKDdyqPNMXVVkUVMNuxo75e4OYIVUd2E%2Bl5V80Fb19vwIIbqLD0"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417371100027
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 15242
CF-RAY: 6ac7047cda12f923-MXP
expires: Thu, 11 Nov 2021 11:33:42 GMT

GET
H/1.1 200
OK czcf.php Show response
youradexchange.com/ad/ 555 B
527 B 145ms
125ms Fetch
text/html 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/ad/czcf.php?cz=df56bb62
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 281b20888c1f572bb33bc373680d2c10cd185f3d842dcdc7b9fa8253ec6dcf58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK fontawesome-webfont.woff2
jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/fonts/ 75 KB
76 KB 16ms
14ms Font
font/woff2 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: jefans.com
URL: http://jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://jefans.com/wp-content/themes/magazine-plus/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin: http://jefans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Wed, 19 Aug 2020 15:52:06 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 77160
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 47ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300i%2C400%2C400i%2C700%2C700i%7CRoboto%3A300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://jefans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:56 GMT
x-content-type-options: nosniff
age: 222517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 53ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://jefans.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 551119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 01:55:14 GMT

GET
H/1.1 200
OK maxresdefault-300x169.jpg
jefans.com/wp-content/uploads/2021/01/ 13 KB
14 KB 18ms
16ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2021/01/maxresdefault-300x169.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 73e373f0c89d23183bc0097f19292c7833eb5d0ed607b9d0d0c4349470d3de2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Thu, 07 Jan 2021 23:11:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 13792
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK Large-300x169.jpg
jefans.com/wp-content/uploads/2021/01/ 18 KB
18 KB 16ms
15ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2021/01/Large-300x169.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 68f79d350d5ce1e71fef983cb9c933c5162fa3b55e08c9701cc0786519048a2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Tue, 05 Jan 2021 17:53:49 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 18560
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK DPLVZFSX4AAuTRU-300x200.jpg
jefans.com/wp-content/uploads/2021/01/ 16 KB
16 KB 17ms
16ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2021/01/DPLVZFSX4AAuTRU-300x200.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 0a4a6606857c657e2f659e917ee0c6daf4fa1554a722ac83d7f04807c10fe336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Tue, 05 Jan 2021 17:41:21 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 16303
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK Guardiola.Manchester.City_.2018.19.maglione.1400x840-300x180.jpg
jefans.com/wp-content/uploads/2021/01/ 10 KB
10 KB 17ms
16ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2021/01/Guardiola.Manchester.City_.2018.19.maglione.1400x840-300x180.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 3e07628a0bff02eeff9e768fd55d47c23e11d0fffd2cf928afb31fcc0369f829

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Tue, 05 Jan 2021 17:17:32 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 9747
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK adee347a1840257edf38d23072c18ea9-300x169.jpg
jefans.com/wp-content/uploads/2020/11/ 12 KB
12 KB 17ms
16ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/11/adee347a1840257edf38d23072c18ea9-300x169.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: a229d87ea219a11f4e8fdc066ae4a5a38c674001759fa779d82394cf1d1566b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Mon, 02 Nov 2020 10:20:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12370
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK 0_Roy-Keane-300x200.jpg
jefans.com/wp-content/uploads/2020/11/ 13 KB
14 KB 18ms
17ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/11/0_Roy-Keane-300x200.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: e045b801b25884d661e4b57f517777b263868e7e27d61bb966f7de69a0597f6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Mon, 02 Nov 2020 09:48:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 13719
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK 0_ArsenalBlog-300x158.jpg
jefans.com/wp-content/uploads/2020/10/ 15 KB
16 KB 18ms
14ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/10/0_ArsenalBlog-300x158.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: f2b8f0d67e553a0dd5b8fc45cef1c3e39c6a1d8c4e60050e1df5fa6c582f0068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Thu, 01 Oct 2020 18:20:45 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 15851
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK 33405640-0-image-a-6_1600624844271-e1600688656850-300x190.jpg
jefans.com/wp-content/uploads/2020/09/ 11 KB
11 KB 19ms
16ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/09/33405640-0-image-a-6_1600624844271-e1600688656850-300x190.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: b229ce92870ce24154c3dd5cb3666bd3b86c35963ab0a924fb5db1378422b591

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Mon, 21 Sep 2020 11:44:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 10927
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK download-1-300x213.jpg
jefans.com/wp-content/uploads/2020/09/ 15 KB
15 KB 23ms
20ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/09/download-1-300x213.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 5070ac3b366acec9800e3c40c4e1d8284bfb14347e004267715669bdff54ae86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Fri, 11 Sep 2020 10:09:33 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 15508
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK 2020-Cup-Final-Overview-300x177.jpg
jefans.com/wp-content/uploads/2020/09/ 22 KB
23 KB 23ms
20ms Image
image/jpeg 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://jefans.com/wp-content/uploads/2020/09/2020-Cup-Final-Overview-300x177.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: 8707636ac96ec7ca9f79e8807aa7f8f0f6d9698cb5d8766b451f45218663880f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:32 GMT
last-modified: Sat, 19 Sep 2020 21:03:50 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 22816
expires: Thu, 18 Nov 2021 11:00:32 GMT

GET
H/1.1 200
OK display.php Show response
www.linkonclick.com/ad/ Frame D341 3 KB
2 KB 156ms
152ms Document
text/html 35.186.193.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.linkonclick.com/ad/display.php?stamat=m%257C%252Co43frYierB1dAN0dEdHP3xP.b60%252CZMkKdRAQlkuDbgTABrav5HX28Nykz1zmncZRIDrLIVnSYXbPiXC27hfR5ksw0H4pEhYV8HuM-lTGkL78EhfKDp4D0xvEe6R_onlrzgR4Z2U%252C&cbur=0.3784470095622259&cbtitle=Jefans%20%E2%80%93%20Sports%20Streams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.linkonclick.com
URL: http://www.linkonclick.com/a/display.php?r=2522091
Protocol: HTTP/1.1
Server: 35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 41.193.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 903af7cda9a9f3e6e55071dc51ab2eee44296a534e46378820cb167b4b597910

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

Server: openresty
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <//www.linkonclick.com>; rel=dns-prefetch,<//www.linkonclick.com>; rel=preconnect,<//warthunder.com>; rel=dns-prefetch,<//warthunder.com>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google

GET
H/1.1 403
Forbidden invoke.js
www.displaycontentprofit.com/3031353533313232303161363165636232333030333566383838376535303335/ 0
0 322ms
189ms Script
text/html 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.displaycontentprofit.com/3031353533313232303161363165636232333030333566383838376535303335/invoke.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 11 Nov 2021 11:00:33 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: text/html
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 15ms
14ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 652
etag: W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ac7047e0ac742e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 11:00:33 GMT

GET
H2 200 / Show response
bedrapiona.com/5/4026131/ 3 KB
2 KB 103ms
25ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/4026131/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 299b8e76b97667f71e96658e21de2b2aa690510277ae7ae2226cad7660cd2b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: 74bbf66b0e78ec09cc956999cfa525e7
pragma: no-cache, no-cache
date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://jefans.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 46ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1506247068141695&plah=jefans.com&bust=31063689

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98309
x-xss-protection: 0
server: cafe
etag: 7939618294436661980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 11:00:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame 26D1 11 KB
5 KB 54ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Nov 2021 00:54:40 GMT
expires: Thu, 25 Nov 2021 00:54:40 GMT
content-type: text/html; charset=UTF-8
etag: 4704609575283140419
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4891
x-xss-protection: 0
age: 36353
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ippg.js Show response
acscdn.com/script/ 19 KB
6 KB 37ms
31ms Script
text/javascript 2606:4700:3033::ac43:90e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/ippg.js
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:90e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83573fe4e1639117194a0c506ca6f041356b29cfdf87ebe2fda19780f289bdb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=3go0+g==, md5=lsOxQ8PttTp+XTUNq7Rnsw==
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2325
x-guploader-uploadid: ADPycds-Qqk5Mb3GFNR7OXFQkOh18PsOar7miqgUjeOewpvw4FW1khkkL43zZuZDA29S0nfhI-8mDoAhhaNp5Kdbrsp7MKzxdw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:10 GMT
Server: cloudflare
etag: W/"96c3b143c3edb53a7e5d350dabb467b3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56CssFOKEaSWvuD4ygA7FlRfKjG%2BOj2IGgTXJ1GJPQcB91mqMKmgjDDHgG0Fjw54H5pys8UjcvVAfVhrS4yxr54g2TQzn3qZ26%2BjBnseQCYkt0N6ZpcgHXe5B8nZUTJJj%2BMYVqaoO1f4"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417370288203
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 19757
CF-RAY: 6ac7047eed10f923-MXP
expires: Thu, 11 Nov 2021 10:37:29 GMT

GET
H/1.1 200
OK intrf.js Show response
acscdn.com/script/ 28 KB
9 KB 34ms
22ms Script
text/javascript 2606:4700:3033::ac43:90e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/intrf.js
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:90e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9acf0ffd3ec7320876a9a857c2a2c35e4a8d7985e3de01680d1fcd5f4e7dab7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=oG3aPg==, md5=PmznahJBQM5Ebv7oKPIPzw==
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1270
x-guploader-uploadid: ADPycdv2nYzzEoEsSvzwTfNwDWuwuZ8G0PeRkfnqAKPy7U6SeOalII7FKBPXw5yYdKS-DYl8UKOzRKHz6s0oj5Dvhw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:09 GMT
Server: cloudflare
etag: W/"3e6ce76a124140ce446efee828f20fcf"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrU6z76cIL0oidhy3kDBaerV891sve969yrIbDJ81vI2yFzlQxkfHtmf5uPL9gDVvgt1qIbKx12zvPXCkpW%2FsFPGi7QDRTClpx9fNhgsbwZGJcHZUGbq2m0FL5Pj6T90x2IYIIHSNQuh"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417369565297
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 28164
CF-RAY: 6ac7047ee8514ecd-FRA
expires: Thu, 11 Nov 2021 11:10:17 GMT

GET
H/1.1 200
OK suv4r.js Show response
acscdn.com/script/ 22 KB
8 KB 61ms
45ms Script
text/javascript 2606:4700:3033::ac43:90e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://acscdn.com/script/suv4r.js
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/atg.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:90e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 972603cbd460c6d48db6fd9c590b417b949090411cde625c32c62863ed5c8514

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=Vio+bg==, md5=0b3HlXA1UkHyknjsxWiAmw==
Date: Thu, 11 Nov 2021 11:00:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 144
x-guploader-uploadid: ADPycdus1wHSeEyPsr-oM6qAwpHbfhMQaS7yXYe0hxcN7BBQqKuanf2UrgxWhiUFnyq7JpEhCkbD7ofSyRvOnfOXlq4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 28 Oct 2021 10:36:11 GMT
Server: cloudflare
etag: W/"d1bdc79570355241f29278ecc568809b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WWOypBgiNQZIr6IRHk8SIhiEBJ4BszBYhbojq2Pagr%2BB2OTXgtSc8WxOzg%2F%2F2eAA8EIOBo6YXxkO%2BWAUOynyMJsBB1T35IajjPhdXa%2F20EKbcrPtep9FtACaOSzqxTuOUkZkn89QzY6"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635417371105046
access-control-allow-origin: *
Content-Type: text/javascript
cache-control: public, max-age=14400
Transfer-Encoding: chunked
x-goog-stored-content-length: 22444
CF-RAY: 6ac7047f1f6359d7-MXP
expires: Thu, 11 Nov 2021 11:05:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139142569-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3567
date: Thu, 11 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 12:01:06 GMT

GET
H2 200 / Show response
services.bilsyndication.com/uv/ 13 B
759 B 294ms
271ms XHR
application/json 2606:4700:20::681a:394
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.bilsyndication.com/uv/?page_url=http%3A%2F%2Fjefans.com%2F&mtk=2232
Requested by: Host: services.bilsyndication.com
URL: http://services.bilsyndication.com/adv1/?q=85124cb0cdb231f08ce8dde5cc59207d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:394 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7047f3fc4c2a9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13
pragma: no-cache
last-modified: Thu, 11 Nov 2021 11:00:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7mT8Ao%2Bmucgba6z%2BFtkv0EwLK3sEVfWLQyeZs%2FKzlVGQr2ngYdKpAqXm6IYreNp3j04dUfpWe3KCJt4FJz%2BLGE83iA8tnAZAqqX3d8L7lcK2FLpBSaXBRJH7bGNz%2Bhbha3aZlaA%2BOAsgvzgGtUVhyfl7Sgh%2BeBmVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: http://jefans.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 85124cb0cdb231f08ce8dde5cc59207d.js Show response
biltag.bilsyndication.com/v1/1636625527/ 495 KB
158 KB 558ms
536ms Script
application/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js
Requested by: Host: services.bilsyndication.com
URL: http://services.bilsyndication.com/adv1/?q=85124cb0cdb231f08ce8dde5cc59207d
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825b428dc12357fdb556fb57435465ccfed97f4ef79f41e75425bda2b7a94d23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 11 Nov 2021 11:00:34 GMT
Server: cloudflare
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Robots-Tag: noindex, nofollow, noarchive, nosnippet
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzeopOInkZ3K3BY6gMKUSIMUbYqy0vFIoSMlhgyGX08WEyJvMH0vcRaBKVNcPy9B1ymT3xn4J9%2FfTxGkVC8mCbTFbnwe%2Fs6Gz1nkqp1SfvfSt70gRDEWuY5WtzbQw0VYJErYImTN99Npwv6pQt0soOr553lxa5I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=31536000, immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6ac7047f5d98f937-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 4026128 Show response
dozubatan.com/400/ 66 KB
25 KB 86ms
33ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/4026128

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

605ed4d2465e152732b687ef85a17e252a1569bfb09cae6730c533de07a49cb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: 0316cb49cd4dd856e26d897c7a61de48
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 15 KB
6 KB 57ms
13ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4026130
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2470cb47586fda36c627d32ff037101917f0817709853aa471a28faeb030fcf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-3c1d"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 6 KB
4 KB 94ms
50ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=4026129
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1b59f925c75f5294cb4d911771f3edde59c8e6abdb5abb3af8e7a66083633b1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:33 GMT
content-encoding: gzip
x-sc: MV08sQ5KqyAksjC_SRyvheFJQcQ_ysYCBI2PpmW_hI98pPdDijBhbJ9nGB1JI1Nj_RAxe1WMklggEakADNFWHNZB8nw=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 53ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=c745f587d3ce49c09ef0969d2c47bfef

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e807be593be98816e59ef3be737e6f234361d0b47e0d2a136e13ce812eba2b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:33 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 web Show response
onesignal.com/api/v1/sync/2fef114e-c31d-4e92-ac62-1e0daab47769/ 84 B
530 B 2157ms
2139ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2fef114e-c31d-4e92-ac62-1e0daab47769/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ca101c49b57a4d46b3c5b79996f564a8b611bed284217cde2361f6e7b4b3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=88
status: 200 OK
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 786ea970-32e5-4240-8be9-74371bf4fffb
x-runtime: 0.010507
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"32bc6b1f215fcc4ceb52589795fed297"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6ac7047f6e6342e1-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 11 Nov 2021 12:00:35 GMT

GET
H/1.1 200
OK f41161178156c618ea8fd4e29221df2b_5477.jpg
crrepo.com/extban/274079820/creatives/23351338/ Frame D341 46 KB
38 KB 214ms
177ms Image
image/jpeg 2606:4700:3038::6815:eb72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crrepo.com/extban/274079820/creatives/23351338/f41161178156c618ea8fd4e29221df2b_5477.jpg
Requested by: Host: www.linkonclick.com
URL: http://www.linkonclick.com/ad/display.php?stamat=m%257C%252Co43frYierB1dAN0dEdHP3xP.b60%252CZMkKdRAQlkuDbgTABrav5HX28Nykz1zmncZRIDrLIVnSYXbPiXC27hfR5ksw0H4pEhYV8HuM-lTGkL78EhfKDp4D0xvEe6R_onlrzgR4Z2U%252C&cbur=0.3784470095622259&cbtitle=Jefans%20%E2%80%93%20Sports%20Streams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9540aa956bceb42282fffdb23eba7f2118dec72f74baa0650ceaf1a0ed090d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.linkonclick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
via: 1.1 google
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 24 Sep 2021 12:01:36 GMT
Server: cloudflare
etag: W/"614dbe20-b70d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpaG2qeiZ2ohTfCWEUA086iWNvnw4ji0YGe9ieA9G8sOqHsaXtMwB1it%2BHojDIS01V6WAIz5Y50DyNJ1HZ5Iqvx7rffSYBcYYYaRDYQNFzHZaPLVFBgLwuk%2Bd2z78Ty9y5w3ONmYVDaK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
CF-RAY: 6ac7047fbf5859b3-MXP

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
636 B 957ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=jefans.com&callback=_gfp_s_&client=ca-pub-1506247068141695

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1506247068141695&plah=jefans.com&bust=31063689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0500b44b265d89e4c22ebed71192119b312f10077ba82cdc5c12d85aa695f220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 938ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jefans.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 940ms
25ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jefans.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9A9 603 B
248 B 49ms
48ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1506247068141695&output=html&adk=1812271804&adf=3025194257&lmt=1636628433&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fjefans.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1636628433672&bpp=10&bdt=592&idt=147&shv=r20211108&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1216004940269&frm=20&pv=2&ga_vid=1457100288.1636628434&ga_sid=1636628434&ga_hid=888364780&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063354%2C31063689%2C44748553&oid=2&pvsid=289985372373289&pem=162&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Nov 2021 11:00:34 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 11:00:34 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=888364780&t=pageview&_s=1&dl=http%3A%2F%2Fjefans.com%2F&ul=en-us&de=UTF-8&dt=Jefans%20%E2%80%93%20Sports%20Streams&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1583203918&gjid=470899324&cid=1457100288.1636628434&tid=UA-139142569-1&_gid=2115133054.1636628434&_r=1&gtm=2oub80&z=383994064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://jefans.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
pl15874460.topprofitablegate.com/f6/bc/c3/ 0
0 103ms
103ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15874460.topprofitablegate.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:34 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK / Show response
onmarshtompor.com/ 2 KB
2 KB 41ms
26ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onmarshtompor.com/?rb=RFffvunrh7Oyrl3L9HDi9wzSK9w0cv60aV_wOyYZJ156OhbZ9AlViSzlYXvTnhHV7-2N0V3EDxtkykLT72d_rnMtmjMr0AVpL5vB7Q-lOzXftzbhaXG9O-smK9ji3BrdprYxu1TJvgoVABjF4IzDfDkPdvnGRscGVLgvA4C5UVNNWA7ZPeoNBkAiBODGkBpbPk7PD7IRUm0y7WscER5Jn33q9EqDMXxb4cImd4jgE1kTR7iLO0t3aRHdfhipV4gykdrytLlOXrw5EGAj&zoneid=4026131&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=http%3A%2F%2Fjefans.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=dea1b7ec-8e89-4cd3-94b7-78bb11b53321&userId=c745f587d3ce49c09ef0969d2c47bfef&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2b7c7b7cba96de196fe5273dcf4a1f2394ce2185a83930c39d82574a5e2abf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
X-Trace-Id: a348a13f087dcfaf43b26fdfd474679e
Pragma: no-cache
Server: nginx
Access-Control-Max-Age: 86400
Strict-Transport-Security: max-age=1
Content-Type: application/json
Access-Control-Allow-Origin: http://jefans.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 zone Show response
pseepsie.com/ 665 B
948 B 15ms
14ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4026130&is_mobile=false&domain=jefans.com&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4026130

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ef643095f5b431c2f246009061dbbed79be1f2a3fbf7b96ec550bf3021b508db

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: c4c1321f4045b7976839e1bfeb30fbb0
date: Thu, 11 Nov 2021 11:00:34 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 665

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 105 KB
38 KB 56ms
23ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.339
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4026130
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1a982c82df2d09c6629d76ae5c83bbf9719dfeff2bdda1e51d42a469555dd2f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-1a2a9"
content-type: application/javascript
access-control-allow-origin: http://jefans.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 f42d5f543e173540f12b4b2a0915dcdc Show response
toglooman.com/27/ 372 KB
122 KB 21ms
21ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/f42d5f543e173540f12b4b2a0915dcdc

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=4026129

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fdf4726321914d65ac988b2a5c33e048421c8369fa40d987321c1a602f798b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Nov 2021 06:47:50 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Wed, 03 Dec 2081 06:47:50 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 37ms
36ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=4026129
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=4026129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:34 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
539 B 13ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4026128

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e807be593be98816e59ef3be737e6f234361d0b47e0d2a136e13ce812eba2b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 cmp-v2.0.1.js Show response
assets.bilsyndication.com/plugins/cmptcf2/ 267 KB
72 KB 106ms
37ms Script
application/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: biltag.bilsyndication.com
URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1956237
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsSMtxtDv1NCvSg4iPqkMXxIg8s%2B6vMOjuI4CmzuAKyapyLskMLcFVnY0PTEgZ7KfS%2Bvp6sP2w0bHXDSwl7P2KhPvYpG7sk3fR487DVYPFi75KTpGFEaF5nvKNRpebeOu%2FRdH2ZCKLklMpOZpFqefjtei61lxRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 6ac70485af4159dd-MXP
expires: Tue, 19 Oct 2021 20:06:37 GMT

GET
H/1.1 200
OK prebid-6.0.0.js Show response
assets.bilsyndication.com/prebid/default/ 497 KB
150 KB 68ms
50ms Script
application/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.bilsyndication.com/prebid/default/prebid-6.0.0.js

Requested by

Host: biltag.bilsyndication.com
URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6a6368fd81d4fa55197df50d59b03087be809f44363c59a28de55797b8b614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 184006
Cf-Polished: origSize=509467
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Nov 2021 07:53:35 GMT
Server: cloudflare
ETag: W/"618a28ff-7c61b"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE6676PifEYXLVzxU396BROg%2B6Bkkq0dCcW8Wb3%2FKS9BRikxQQSGtTKzQSiq%2F3hhaZrnMkSP8NuDLPkK7gublXJjsgu21JqzobPyZr7K7%2BIsbOwyZplmLbSUOKh8brYqPdiQCefqzIGhSb0KVsC7DXSs1GWEG24%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Expires: Tue, 09 Nov 2021 08:23:48 GMT
Cache-Control: max-age=16070400
CF-RAY: 6ac70485699de8f3-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 23ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: biltag.bilsyndication.com
URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48cf0ca8285fdf0160f5e0dc1d6cca870efa9305835d0668fb389eb38b38ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1040 / 667 of 1000 / last-modified: 1636623815"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 26835
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 11 Nov 2021 11:00:34 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 368 KB
123 KB 30ms
17ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: biltag.bilsyndication.com
URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Vary: Accept-Encoding
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 125099
X-XSS-Protection: 0
Expires: Thu, 11 Nov 2021 11:00:34 GMT

GET
H/1.1 200
OK sf_host.min.js Show response
assets.bilsyndication.com/plugins/safeframe/src/js/ 38 KB
19 KB 65ms
48ms Script
application/javascript 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: biltag.bilsyndication.com
URL: http://biltag.bilsyndication.com/v1/1636625527/85124cb0cdb231f08ce8dde5cc59207d.js

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1407244
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:50 GMT
Server: cloudflare
ETag: W/"5dbbbcf2-9806"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zl1QLKbZAaLvbWkGtlan%2FNBHIjvCRs9Q980P1rxtSo8GiKdUCsrW4hLfbG1BIjiDTrZ0XwR6Q8AUk1%2BhPelrLqobbdUPbglsIVcD2M702Uo0G5EjdyJ781ACG1iahJhpadkXwm22cI53ELSe%2F3JMavP2pi8ejMk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=16070400
CF-RAY: 6ac704856f27374e-MXP
Expires: Tue, 26 Oct 2021 04:36:30 GMT

GET
H/1.1 200
OK perf.gif
perf.cdnads.com/ 43 B
323 B 67ms
26ms Image
image/gif 87.245.235.49
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://perf.cdnads.com/perf.gif
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 87.245.235.49 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:33 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 12 Nov 2021 11:00:33 GMT

GET
H/1.1 403
Forbidden f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
pl15874460.highperformancecpm.com/f6/bc/c3/ 0
0 95ms
94ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl15874460.highperformancecpm.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:34 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 4026128 Show response
dozubatan.com/500/ 1 KB
1 KB 19ms
18ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/500/4026128?excludes=&oaid=c745f587d3ce49c09ef0969d2c47bfef&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=http%3A%2F%2Fjefans.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4026128

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

72374edaa409bc39b31238dad3166fbddc8cb00a473c1c02cce87bb0b32108b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: ea8d4222a6b0927c3c6650ffe2703f9d
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://jefans.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4026128
dozubatan.com/500/ Frame 0
0 40ms
12ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:34 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: http://jefans.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 pubads_impl_2021111001.js Show response
securepubads.g.doubleclick.net/gpt/ 342 KB
116 KB 51ms
26ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117754
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 09:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 Nov 2021 11:00:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 29 B
681 B 42ms
18ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=jefans.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

62faf54be09baa50aa7250184e0ca445fae9e79bbc1a2ed17e13bf88a475e0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 11:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45
x-xss-protection: 0
expires: Thu, 11 Nov 2021 11:00:34 GMT

POST
H2 200 9 Show response
toglooman.com/ 4 KB
2 KB 17ms
17ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4026129&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fjefans.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/f42d5f543e173540f12b4b2a0915dcdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: eaea8f3fa5400c00d704fc63645650765408f30fa7e72c66b13c1036fb6d7e02

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:35 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: http://jefans.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 45ms
14ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4026129&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fjefans.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://jefans.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 69ms
25ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211111

Requested by

Host: assets.bilsyndication.com
URL: http://assets.bilsyndication.com/prebid/default/prebid-6.0.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9716fc326a5af52ade7e33aae3e17a008fc0d16c9f9158de9ef0963fac2af00d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 11:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28775
x-jsd-version: 1.0.1157
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19148-FRA, cache-mxp6940-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-gPAqkjTqtCClM0TVv2P3PC/+GTg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ac704871b4f3751-MXP

GET
H/1.1 200
OK 1596163502.jpg
assets.bilsyndication.com/widget/2020/07/30/ 104 KB
105 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2020/07/30/1596163502.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 222719
Cf-Polished: qual=85, origFmt=jpeg, origSize=140376
Content-Disposition: inline; filename="1596163502.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 106784
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 31 Jul 2020 02:45:02 GMT
Server: cloudflare
ETag: "5f2385ae-22458"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETARwBm6uKhnCdiKSaIf5LrMt5HtMzpEOGBNWE1EdBxx%2BhBHX6hesGRNFWeMP6Yxxf1GPGB%2Fyr38qMvwmDTOpvekDXzTmjnxJidoDmA11CfOz3TdDwUfFvmvc8bQ2wNh2%2B5ug%2FKo0OX%2FV0Y8LQo%2FjyS5eNGhCik%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Mon, 08 Nov 2021 21:38:36 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac70486fcc1e8f3-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1572962870.jpg
assets.bilsyndication.com/widget/2019/11/05/ 107 KB
108 KB 25ms
25ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2019/11/05/1572962870.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 495331
Cf-Polished: qual=85, origFmt=jpeg, origSize=151033
Content-Disposition: inline; filename="1572962870.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 109336
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Nov 2019 14:07:50 GMT
Server: cloudflare
ETag: "5dc18236-24df9"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5OlQcB7AkKxdCnTf%2BfYO7TmDT91gMHr1zEN0nz4Y1vUuJZBEX8CFcA45hxiVdKqRUpHjyDtpk%2BxgHqoq1J%2B%2FO%2BK5cQ8086A4pTZe3SMu1A1s7QvBwzpm07UwQufTWDu8JjZYDN81D%2FIs5QJzQZbkvoYJVGY5p4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Fri, 05 Nov 2021 17:55:03 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac70486fae7374e-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1635932236.jpg
assets.bilsyndication.com/widget/2021/11/03/ 21 KB
22 KB 51ms
44ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2021/11/03/1635932236.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f68fc51c836d43534035beeab690e3eb581cab3b2fe7d160e8dd6b614dfad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 222753
Cf-Polished: qual=85, origFmt=jpeg, origSize=29806
Content-Disposition: inline; filename="1635932236.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 21794
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 09:37:16 GMT
Server: cloudflare
ETag: "6182584c-746e"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qawBRH5Hc%2FcSvQm71a%2FrQ2ZKWSuEm5x9AibHiExAhUqypJIdNozQim%2BOyVmHMC8RuXU0fSMm7gWFQjMxeBqHttlSolZi8LttXKgKy%2B%2FDP8Hn%2FpcHJy9zSgzSZDyL%2FUsNAO9PshVcGX2tntCWJXcJghir5Qx7Jeo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Mon, 08 Nov 2021 21:38:02 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704871f460e12-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1635928361.png
assets.bilsyndication.com/widget/2021/11/03/ 95 KB
96 KB 62ms
56ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2021/11/03/1635928361.png

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 222561
Cf-Polished: origFmt=png, origSize=154658
Content-Disposition: inline; filename="1635928361.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 97154
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 08:32:41 GMT
Server: cloudflare
ETag: "61824929-25c22"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLsTqxyN5CM5EUQWj8QxgCGv%2BHWWsnJGM1IicDgIXKNsR64B6w%2BJxuF%2FJlfX%2BCM8XMrGxhB7OJECKvcz%2B3vfGiqAoDVe0lPOfY7f6euizxC1N5Uh%2F7NwqN1aCV6Vx0JdBM82A9Bk%2FW3BU062M2Ee%2Fv8sh1vyhHc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Mon, 08 Nov 2021 21:41:14 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704871c86e8eb-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1635928418.png
assets.bilsyndication.com/widget/2021/11/03/ 130 KB
131 KB 47ms
41ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2021/11/03/1635928418.png

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 221652
Cf-Polished: origFmt=png, origSize=219844
Content-Disposition: inline; filename="1635928418.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 132702
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Nov 2021 08:33:38 GMT
Server: cloudflare
ETag: "61824962-35ac4"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FngFOtQhFRoTTvl9%2BigrZa94SgFBut1Oyguti4ZpwGaAr8Hh2ct7%2B3891SZdOnh%2FWuIgPzyv4dIh7bPrHK7zNsjlTtUiWUREpDMKHa4eeD%2BcHRaCxGGXxk7nL2jwZ7ShfAJWK6hU7iRRSWkzufcSv1c96LZp6Wo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Mon, 08 Nov 2021 21:56:23 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704871a043763-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1592802620.jpg
assets.bilsyndication.com/widget/2020/06/22/ 177 KB
178 KB 49ms
43ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2020/06/22/1592802620.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 495331
Cf-Polished: qual=85, origFmt=jpeg, origSize=210846
Content-Disposition: inline; filename="1592802620.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 181668
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Jun 2020 05:10:21 GMT
Server: cloudflare
ETag: "5ef03d3d-3379e"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq0Re%2Fqg%2BKpHSWwimXfnZH2JLIQLXxXrIybfce3zXJCeE%2F5JEqHdmwFNYg0z%2Bt9tcd485IM%2FpBb4G%2FrFLU%2F7NyuDQIlPY%2BUx2BYx5n6WYJzSPL68FqO2JiYIGghUVWYiNkW%2Flvc4oLdK1vPBFYFfnHGlT09quhY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Fri, 05 Nov 2021 17:55:03 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704871cda59f5-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1572962830.jpg
assets.bilsyndication.com/widget/2019/11/05/ 192 KB
193 KB 53ms
26ms Image
image/jpeg 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2019/11/05/1572962830.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1407019
Cf-Polished: degrade=85, origSize=227959, status=webp_bigger
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 196267
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 05 Nov 2019 14:07:11 GMT
Server: cloudflare
ETag: "5dc1820f-37a77"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glVWTvCORe8G9bU%2BTpRyMemMgOFMqgevtwMhmN8sdMEECdL01o3jgRTh3VVYKassYUp0NRLunKG34Sd5R9lI2uKiSxURNqMdC11Qstxwn0XlDWQLI9KVR4ziQ08uwz3Bazw1x%2BiEGh5YCrP8MR%2FIq1HXR2JoiQQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Expires: Tue, 26 Oct 2021 04:40:16 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704874b7b374e-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1592801729.jpg
assets.bilsyndication.com/widget/2020/06/22/ 74 KB
75 KB 45ms
29ms Image
image/webp 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1249412
Cf-Polished: qual=85, origFmt=jpeg, origSize=103053
Content-Disposition: inline; filename="1592801729.webp"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 75514
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 22 Jun 2020 04:55:29 GMT
Server: cloudflare
ETag: "5ef039c1-1928d"
X-Robots-Tag: noindex, nofollow
Vary: Accept
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2G9YzdCHKff9UDT4i%2FuS0sDzO9gc7F9Y4o8PBTHDWkpVCOlbeweXFJyVbFSZlsnNgCLWLt%2BltwmkFoU2gxhhXwUsd2bTDA7UMte3cTiEM21CHtPDpbPKUsOiv3vErTaFmN8op9SRECRd%2FVZ3AP0nx%2BHKmT%2B4OK8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/webp
Expires: Thu, 28 Oct 2021 00:27:03 GMT
Cache-Control: max-age=16070400
Accept-Ranges: bytes
CF-RAY: 6ac704873d0ae8f3-MXP
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK vi-logo.svg
assets.bilsyndication.com/media/icon/ 11 KB
4 KB 26ms
25ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/media/icon/vi-logo.svg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1417388
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-2c34"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6QseryOdWPAbE3WrHuTGvMamXUfx8IvCR9HEbhTt5n%2B%2Bai9pvdcKxFDvS2aBFseH0z2QCJL2n0EFt5y6wVqjHABl7U8oEXjXa6vBtuR0Sa1dzgYlHJD053e6eau%2FngdN9v4OwYDLlVPMHupKm0ecmOfY8FLRr8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=16070400
CF-RAY: 6ac704875fce0e12-MXP

GET
H/1.1 200
OK vi-icon.svg
assets.bilsyndication.com/media/icon/ 3 KB
2 KB 46ms
45ms Image
image/svg+xml 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://assets.bilsyndication.com/media/icon/vi-icon.svg

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1417609
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Nov 2019 05:04:49 GMT
Server: cloudflare
ETag: W/"5dbbbcf1-dc6"
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ane4vQtY%2FmtkuVabHsJYBATBceMsjyF%2Fuu99t9vfrQo8%2BRTPtnbvYy8krLPkkC3ZnYvB5FQsqZpnFcTS1wYJwSG60rV3nj7ie%2B0pWJ%2BlMmH8sBzBMdPtzt9ipFpybhQXHQK7VD%2FvSxLQb07N0ctLEKbCB9a7loc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
Cache-Control: max-age=16070400
CF-RAY: 6ac704877d64e8f3-MXP

GET
H/1.1 200
OK /
logs.bilsyndication.com/slots/ 0
691 B 159ms
141ms Image
image/jpeg 2606:4700:20::681a:294
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logs.bilsyndication.com/slots/?d=2232&url=http%3A%2F%2Fjefans.com%2F&slots=%7B%22video_discovery%22%3A1%2C%22160_600%22%3A1%7D
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:294 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sb5cWoCjd7SkhutkhLNrH%2BPDSL3XjyxvjPjs11qRSycik7DgQHwkKRdOJyDksEgIEdGn1asfKHYDpA75YSwkxrSjNFi0RdWx33KsOBDWm9E9j8%2FSYDeZeS3m0r1PIqSO1JubJo7VOdBK9Jt%2BnKv2vH0ZamGI"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 6ac70487893f5a1f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 0

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 93ms
26ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

HEAD
H/1.1 200
OK / Show response
jefans.com/ 0
233 B 334ms
333ms XHR
text/html 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
server: LiteSpeed
Connection: Keep-Alive
link: <http://jefans.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK / Show response
ashoupsu.com/5/3441487/ 3 KB
3 KB 61ms
25ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ashoupsu.com/5/3441487/?oo=1&aab=1
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 07f7a060cbaf75ec4c55cabf14f992902e230bfc21d339e8c59e1eacf5cb2e50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 70ef35cfa06a655c1b198d9a07e49794
Pragma: no-cache, no-cache
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://jefans.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
ashoupsu.com/ 64 KB
23 KB 56ms
20ms Script
text/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ashoupsu.com/tag.min.js

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

09caef499825d621b4d50291fb2bd9333c915ebad77c1ee6a859345c9046cfc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 22701
X-Trace-Id: 7deaf0db19739d6ff0dfa8910f8c9d18
Pragma: no-cache
Last-Modified: Mon, 08 Nov 2021 15:10:52 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

HEAD
H/1.1 200
OK / Show response
jefans.com/ 0
233 B 339ms
338ms XHR
text/html 91.223.82.6
IWSNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jefans.com/
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 91.223.82.6 , Netherlands, ASN199968 (IWSNET, SE),
Reverse DNS: pink.warez-host.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:34 GMT
server: LiteSpeed
Connection: Keep-Alive
link: <http://jefans.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
247 B 22ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A10.3&blog=161107757&post=0&tz=0&srv=jefans.com&host=jefans.com&ref=&fcp=905&rand=0.21032137979854726
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:35 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 376ms
21ms XHR
application/json 2600:9000:2156:9000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91f0f7c572c50c1d67bfe7df208fdeac695c9c7bafd20d876fc3352c16ccab42

Request headers

Accept: application/json, text/plain, */*
Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:00:38 GMT
content-encoding: br
age: 28797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 05 Nov 2021 19:52:29 GMT
server: AmazonS3
etag: W/"a48521b7112bc88780bb74b7d674335b"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: BJO5z2rOcoUtttjDqeTIqAHlYS9zatJd
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: Y3pjGuAvhUQJ6CSZJtDxNuHk0p07NOG4CHqnY51nN1w2BUWSun_iFg==

GET
H2 200 zone Show response
jouteetu.net/ 696 B
980 B 378ms
39ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://jouteetu.net/zone?pub=0&zone_id=3008391&is_mobile=false&domain=jefans.com&var=&ymid=&var_3=

Requested by

Host: jouteetu.net
URL: http://jouteetu.net/ntfc.php?p=3008391

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

73c577adf0a65f5fac50ec25176d173c319cbe52e63fecf13f0b88ac773ba024

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: 633cf74be3f773e1801da85a3baf1c1e
date: Thu, 11 Nov 2021 11:00:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 696

GET
H2 200 universal.min.js Show response
jouteetu.net/pfe/current/ 105 KB
38 KB 377ms
39ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/pfe/current/universal.min.js?v=3.1.339
Requested by: Host: jouteetu.net
URL: http://jouteetu.net/ntfc.php?p=3008391
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1a982c82df2d09c6629d76ae5c83bbf9719dfeff2bdda1e51d42a469555dd2f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:35 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-1a2a9"
content-type: application/javascript
access-control-allow-origin: http://jefans.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 14ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=e6f5d6453d8a4fbfb03588898991017c

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 11 Show response
toglooman.com/ 0
518 B 15ms
15ms XHR
image/jpeg 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/11?rnd=3534905581&z=4026129&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=JSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw==&ruid=839f1029-f61f-4990-8ec5-932dbc824e0f&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fjefans.com%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&ot=513
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/f42d5f543e173540f12b4b2a0915dcdc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:35 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://jefans.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK push.php Show response
youradexchange.com/script/ 1 KB
1 KB 156ms
156ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/script/push.php?r=4249583&ipp=1&mads=2&position=top&czid=df56bb62&aggr=3&atag=1&ppv=1&ab_test=AdOpt_B_L222_2021-10-04
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/ippg.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: f776d027abb091796568ba0c5124bb0da9f926bf3a3d6f0c24727ca529b06d59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: openresty
Via: 1.1 google
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK display.php Show response
youradexchange.com/n/ 2 KB
2 KB 167ms
159ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://youradexchange.com/n/display.php?r=4249579&seqid=1&cdn=1&atag=1&czid=df56bb62&aggr=3&ab_test=AdOpt_B_L222_2021-10-04
Requested by: Host: acscdn.com
URL: http://acscdn.com/script/intrf.js
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: edb98bbb7496d8d68e5136e08bc2234749d88c3c3a00827c4b15ad695c646050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Link: <track.sparta-tracking.xyz>; rel=dns-prefetch,<track.sparta-tracking.xyz>; rel=preconnect,<youradexchange.com>; rel=dns-prefetch,<youradexchange.com>; rel=preconnect
Via: 1.1 google

GET
H/1.1 200
OK / Show response
interst12.com/ Frame 65DC 20 KB
6 KB 155ms
54ms Document
text/html 188.72.201.207
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/f42d5f543e173540f12b4b2a0915dcdc
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.201.207 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/7.4.24
Resource Hash: 0191a7f660300d020fba49c3660de0b99dfdb687a6ce6588148915233ec15acd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

Server: nginx
Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.24
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
ashoupsu.com/ 2 KB
2 KB 28ms
28ms Fetch
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ashoupsu.com/?rb=tH7fyWTtckomJCuuxhRsprZGL3LVg9gdcPg-iooh1HlVzjUiCeOFx1N2zGCuO3qKOUX7PBxfhuxawRS0QVB9cf4jK6zr5KJ8iYjibLGF78ZNPQAolg9LdvNQ3dR1z-AtIWpU365Ryo-S3ED4I2IU70CfqCVz9cBggyQimat_6cYBhJTN8bGyw16wJU7SVtcs8atn5ftVDDhCtOt35DbMkM1ECJ5q31ATmyB3w8niLF4IzzjWE4VV5c-AnYxtOGZZUYTkK-IdihGhgIZx&zoneid=3441487&request_ab2=0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=http%3A%2F%2Fjefans.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=84c14615-10e3-4694-9bf4-118a7c6710cf&userId=c745f587d3ce49c09ef0969d2c47bfef&m=link

Requested by

Host: ashoupsu.com
URL: http://ashoupsu.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9e6483c984cdb4dafb969390811d2418233aa26e821e6b7bb51a892e1f01ab67

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
X-Trace-Id: a3147310f269c897ccee5c1aa2e393ce
Pragma: no-cache
Server: nginx
Access-Control-Max-Age: 86400
Strict-Transport-Security: max-age=1
Content-Type: application/json
Access-Control-Allow-Origin: http://jefans.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 47bf9e83e6a6ba42ad3b5359b431dc55_6535.jpg
crrepo.com/extban/274010220/creatives/23359822/ 7 KB
8 KB 278ms
209ms Image
image/jpeg 2606:4700:3038::6815:eb72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crrepo.com/extban/274010220/creatives/23359822/47bf9e83e6a6ba42ad3b5359b431dc55_6535.jpg
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d1cdafe82d5dcc0fcd5583501d8e56ca0a0986bdd068f93b1e9e0b015ad697

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Sat, 09 Oct 2021 08:31:43 GMT
server: cloudflare
etag: W/"6161536f-1da8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe%2FRvptbVmU5MclE06sz%2BTyTBQ88p4Pe1x8eqhaXMNPqt%2FXnajeR0fWdy7GgWTf2DQzEKNj2aElh7QvAP1XdMwQIb6Z3%2BobxdZJeyOoEZ01OyuZReHgZbcXEBgJLGNiBPQoNIg79Q071"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac7048bdc2f59e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 204
No Content i.php
youradexchange.com/script/ 0
162 B 196ms
140ms Image
text/plain 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://youradexchange.com/script/i.php?stamat=m%257C%252C%252CgjM6IhYnoGU3B0-GH0dEdHP3xP.1cb%252CPBx5xdPJzg8gT3uEmYnrCe3NkqEY7Pvh6zRVMKaKca8hN5XdtbohMdTIRdW9a1Mk2nFlvWz3RU5zf63A53VTpwMlpvAUCg8SpIsOJ_EQl7CeFrm84sSdGZUBb042ShKSD9leoRd0lekPSPag6xcqWbSjCQPHoeGH7ZSyvOE-57PSsnshRKISw_qNQisrM72_PC2s-zahBLd613st9gRW0B_nT-JBxGGF9WIr9Bz7JgNG5-S39FtyPsKR-lB9hs89hljdNWQGYCIZWBlcg3pH-8CQruOwrCrvWrYSDCYzbnfExY4EUFgyD51_-hphjnKWWAVvX0vACu5mxojD2wSSbQn1UDclLO2jZ_tAL-i8Ra4AN0g1c2yOeRpdb4aulrcwQ5JpdiIN_ID0EYQdjDZstyAvuIMjbMQjUKEwgHJ2LhQ3g0XP0RgzIo57kT36spLtcnBG1EzCW_xKeLTptcyP8iSFuGKXd4zN-Mg8joprMG3ko4mmBShWxXkp7wq2IqYJ43nRWk1-PVUbSv-jfDMAv5R7NcaVlZ5ZXmdTU6G7Unw9TGbYSrpA1Nl__mylnY-gSVuWs54vtefL2GmMCPn30smosL4PU6Nkgdsg_q2eNf8%252C&utsid=99764865986711531636628433573
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:35 GMT
Via: 1.1 google
Referrer-Policy: no-referrer
Server: openresty

GET
H/1.1 200
OK ec7ee8dc7ba3b4c6a291a23becb211c1_4403.png
crrepo.com/extban/277691220/creatives/23369170/ 143 KB
143 KB 179ms
174ms Image
image/png 2606:4700:3038::6815:eb72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://crrepo.com/extban/277691220/creatives/23369170/ec7ee8dc7ba3b4c6a291a23becb211c1_4403.png
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:eb72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f4f2c0ba5d223ebe6fd9eec6d4454b529c9ee0396a38da0cc375b4a96c68bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:35 GMT
via: 1.1 google
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:50:11 GMT
Server: cloudflare
etag: W/"61815023-23d53"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfdCO0%2FssCQvI3YYirUwOe4iTwAb56P91IN8Ztzu9IL2i8xgW93tjTfbm1PMxr%2FrPxAZORLQEk3fFl0PIB6DgUW2GBE09BUTWuzBzw9lww2K3tSoyzhTn1ROHTGOhB2nGq%2B8IzD7zE9l"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
CF-RAY: 6ac7048b6fdb59b3-MXP

GET
H/1.1 204
No Content i.php
youradexchange.com/script/ 0
162 B 196ms
138ms Image
text/plain 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://youradexchange.com/script/i.php?stamat=m%257C%252C%252Cwjfvo2IuoGU3BJ-GH0dEdHP3xP.bb7%252Cs89ROKoLlR90kevPwsWNbCnoFEb2RarkIaf7aGZkD8PCI6zEJdtNIJuZNbipyDlXxQ-JHII6gpihgDCYmbrRobLxtKJKI-W9hYud7qK9E8uzZQLKvcPKm35Y9Qx2BuST0nP-kVsdJHaP0enLi969hJ0oRXWiVVpAN0AzZzSrMooc75AsO3CN88Kr0C4tOt2KozMqPln0TNRtiAEGJyE7yVRvu_1k-LCq6VgUoT16VRLqjdmgYvnQrqIbtmJzz-Oqt6doSeokxj3zioOo4rdlMzbZBo-jKXdlzBwvcJoDYV9o7nlSSKV-L4UYTHxwjYT6hiABTPHilikDL2RVtezBBdrVjBbc_LSEpofc_9Cmw28WeXbJIPaW_lNVUQTfuZl5rzUhcL08w-bIX6VTitLjClBGXq6GqxXb8VT_j_5MfHSDhZq-lfIV8wyQtgqubCPKClJvCB4vGFCpeKTrgHwUM93YsrUc4OOb6bfvaRhlyt-WK8G5Ec4wQzz9Dbn8XhpjtPI5vssRql5TeOCQebwKrh-50kFAtCDY5u5SRJOCHUt_bGMKlhnUchAFZtEkV9Sn9ugIF_nk0TIXy-RV5bn5zThnsdERjeOgI9Dykvzu4YXCGTEZHR9iPhGk5Ul-Prr0gAlBQsf_jTJixSBKmS_8Yw%252C%252C&utsid=99764865986711531636628433573
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:35 GMT
Via: 1.1 google
Referrer-Policy: no-referrer
Server: openresty

OPTIONS
H2 200 custom
pseepsie.com/ Frame 0
0 43ms
39ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
pseepsie.com/ 39 B
321 B 27ms
16ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/custom

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f9f5b00a3cf3c4931bb9d1fea83bd102
date: Thu, 11 Nov 2021 11:00:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
539 B 40ms
17ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=b1ee6cdf55124d8da5b732fdf55a0884&zoneId=4026130&checkDuplicate=true&ymid=&var=

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e807be593be98816e59ef3be737e6f234361d0b47e0d2a136e13ce812eba2b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 293 KB
34 KB 47ms
14ms XHR
application/json 2600:9000:2156:9400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf8fb4b661478893cdc01168684edb65856d41eff4281aa41aece0cc1ea1f062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:00:41 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 28795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 03:00:32 GMT
server: AmazonS3
etag: W/"f6d4528430403c37959019252fe21ec7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: yUPyU8c1lhaeHTWabd5WSIGBw51iJmraeaGxXxDS08BBDp1F6TixJw==

GET
H/1.1 204
No Content i.php
www.linkonclick.com/script/ Frame D341 0
162 B 149ms
149ms Image
text/plain 35.186.193.41
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.linkonclick.com/script/i.php?stamat=m%257C%252C%252CQ3Lqd3MmtGU3BU9GH0dEdHP3xP.c7c%252CBYRf5xYkU8L-UdOg8bfNidSqVsXGu-noNvaB3gxaVWwklY23VtdPbn6idgGlyXKtN5KWKPUoc5JrUmgjx8-HXO8i3IRZ4kLDc8_0H3uAd8qFs87A-kNmAlrfwr3z12BLq8QzviborW9hhheK1zlSdIbX17hKtPTaybIHEK3SXoNeApwf1VgtZqqBZtQp8Gvxd8OKG4CLwVOPeBnqEzu96g5chk7deaKM5vM0Wk_jP4EYT0xGuF4DP-ma0AgbPYfG3aoo4CjFnEaupsqEarpdRCE8ktrbHFrEUb0dW49V_1SJEEmyrzUbm4MTsHvkzTHXBmBe5jFFgC0UkLiqve9YRQ3Ie3hrJEVJCUkKmQVH8NiNkOgettB2-Y8tKv-MHqof3UI4cxRfhENSH_ZtT-dVqH842Xp8QiENlmfIsmpiuTYA63orim8ubHf6bZ_w6e3SzT_Zkgaltuadx1QbE4lqKULwMD77oYsy_sbCsoR8oKI%252C
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: HTTP/1.1
Server: 35.186.193.41 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 41.193.186.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.linkonclick.com/ad/display.php?stamat=m%257C%252Co43frYierB1dAN0dEdHP3xP.b60%252CZMkKdRAQlkuDbgTABrav5HX28Nykz1zmncZRIDrLIVnSYXbPiXC27hfR5ksw0H4pEhYV8HuM-lTGkL78EhfKDp4D0xvEe6R_onlrzgR4Z2U%252C&cbur=0.3784470095622259&cbtitle=Jefans%20%E2%80%93%20Sports%20Streams&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 11:00:35 GMT
Via: 1.1 google
Referrer-Policy: no-referrer
Server: openresty

GET
H2 200 defaultSkin.min.js Show response
pseepsie.com/pfe/current/ 56 KB
19 KB 17ms
15ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/defaultSkin.min.js
Requested by: Host: jefans.com
URL: http://jefans.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:35 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 14:40:12 GMT
server: nginx
etag: W/"61829f4c-df63"
content-type: application/javascript
access-control-allow-origin: http://jefans.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
124 KB 45ms
16ms Script
text/javascript 2600:9000:2156:9400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:19:37 GMT
content-encoding: br
age: 27669
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: R4uqPQLkpXJt2hvFWrnlfdjJzwjVaL1wHLoMoThYliFwpReQRL6b4g==

GET
DATA 200
OK truncated
/ Frame 420E 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 custom Show response
pseepsie.com/ 39 B
322 B 22ms
22ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/custom

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 47988a85ed79884a5491cde5268d97b7
date: Thu, 11 Nov 2021 11:00:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
pseepsie.com/ Frame 0
0 13ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:35 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H2 200 fv.js Show response
propeller-tracking.com/ Frame 65DC 5 KB
3 KB 82ms
15ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=72747&cb=187943456

Requested by

Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: f0479a6f305ba104ff6fd6059740d398
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 65DC 12 KB
3 KB 62ms
17ms Stylesheet
text/css 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 3263
last-modified: Mon, 01 Nov 2021 10:28:07 GMT
server: cloudflare
etag: W/"617fc137-30c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-ray: 6ac7048d3a8f6987-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 65DC 3 KB
3 KB 17ms
16ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
cf-cache-status: HIT
age: 3263
content-length: 3429
last-modified: Mon, 01 Nov 2021 10:28:07 GMT
server: cloudflare
etag: "617fc137-d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ac7048e6d996987-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK 0100657458245.jpeg
interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 65DC 52 KB
53 KB 27ms
26ms Image
image/jpeg 188.72.201.207
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.201.207 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:36 GMT
Last-Modified: Thu, 31 Jan 2019 11:14:34 GMT
Server: nginx
ETag: "5c52d89a-d0e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 53472

GET
H/1.1 200
OK 0933414948049.jpeg
interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 65DC 14 KB
15 KB 55ms
25ms Image
image/jpeg 188.72.201.207
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.201.207 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:36 GMT
Last-Modified: Mon, 26 Mar 2018 13:01:51 GMT
Server: nginx
ETag: "5ab8ef3f-393b"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 14651

GET
H/1.1 200
OK 0350025199145.jpeg
interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 65DC 35 KB
35 KB 55ms
25ms Image
image/jpeg 188.72.201.207
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.201.207 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:36 GMT
Last-Modified: Tue, 17 Jul 2018 10:46:08 GMT
Server: nginx
ETag: "5b4dc8f0-8b17"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 35607

GET
H/1.1 200
OK 01289039865190.jpeg
interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 65DC 49 KB
50 KB 56ms
26ms Image
image/jpeg 188.72.201.207
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.201.207 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:36 GMT
Last-Modified: Thu, 31 Jan 2019 11:14:34 GMT
Server: nginx
ETag: "5c52d89a-c502"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 65DC 28 KB
28 KB 16ms
16ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
cf-cache-status: HIT
age: 3239
content-length: 28527
last-modified: Mon, 01 Nov 2021 10:28:07 GMT
server: cloudflare
etag: "617fc137-6f6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ac7048e7dc76987-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 65DC 1 KB
558 B 19ms
18ms Script
application/javascript 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D467860880%26z%3D4026129%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DJSmYv18Fn1oCK8VG9G4kxUQVqp-MGseSb7ZWLDaucGhXoe8V65KD8jNb7I6sv9H6PpdEBTkLJGXTk7zcnZdgmPsZhttSJSoo1oVOunh2VnHm0v4kAwijHnkhZQd0_S3mYLBMgaDREtcozlShNf2HLiSZh6edoWvqpHcEyb01QDc-SHY0TTJfOViNHglU1tTY14w0EzAaBT0Fbs-f3Cfwi6dYk-vm4471zdkVHkScYTWTjU4ztWZCWyR1TF8yXHLDMPu1aExSGob2zuN78LVjer4ej6TtH9pESJVnrw%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D839f1029-f61f-4990-8ec5-932dbc824e0f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Fjefans.com%252F%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 3263
last-modified: Mon, 01 Nov 2021 10:28:07 GMT
server: cloudflare
etag: W/"617fc137-58b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-ray: 6ac7048dbbd26987-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
506 B 306ms
11ms XHR
text/html 18.66.97.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22jefans.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1636628436042%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-jj149bcba55vwki3tob2%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: JyPvGB2rUXKb1CVb1nMDMIoyVVHdkq_18-8I1bKHHJEkrQoy-MEbuw==

GET
H2 204 vctx Show response
propeller-tracking.com/ Frame 65DC 0
490 B 13ms
13ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=72747

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=187943456

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: 2cc242d9005d2c6a675eb861c8551652
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:36 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interst12.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 45ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211108&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4aee3ddefba0399d8abfed98e1542ae6d4aecc73091e5cf124f6aeffc9fe15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9195
x-xss-protection: 0

POST
H2 200 custom Show response
pseepsie.com/ 39 B
321 B 15ms
14ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/custom

Requested by

Host: jefans.com
URL: http://jefans.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b084a82dfd6004e71bf1bb65c7c0b89c
date: Thu, 11 Nov 2021 11:00:36 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

POST
H2 204 vbl
propeller-tracking.com/ Frame 65DC 0
490 B 14ms
14ms Ping
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=72747&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=187943456

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://interst12.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: a4334cb76dade1685505939e3732d9d0
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:36 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interst12.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 custom
pseepsie.com/ Frame 0
0 14ms
14ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:36 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://jefans.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
32ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 11 Nov 2021 11:00:36 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D530 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 11 Nov 2021 10:58:24 GMT
expires: Fri, 11 Nov 2022 10:58:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C756 783 B
1 KB 45ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d7701847a09b85fc13768599351c0cf2e5f4c884b15a1e0aa096c2662b1658e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jNJxIIlUEKhXowD8KsycQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 11 Nov 2021 11:00:36 GMT
date: Thu, 11 Nov 2021 11:00:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jNJxIIlUEKhXowD8KsycQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js Show response
pagead2.googlesyndication.com/bg/ Frame D530 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NTNWKiBL7yBOt2fj16hs5kaKxvBgsSqcFBAD4a9zqo0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 12:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13531
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 12:16:50 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C756 0
0 79ms
78ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211108&jk=289985372373289&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 48ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211108&jk=289985372373289&bg=!pKelp-PNAAYDGbPvAxk7ACkAdvg8WpyEvwxPMxlvZjL2b_-IpuuKVr5q4o0g7s2RWcx6RDUQaVt20AIAAADGUgAAAApoAQeZArdhgZytF4nI2vWOhKxoywmn0SjJ_XrE1zCSIt3xMrnAQIJTNv4CZL-NDIga2uF4gJ-cHYp1d2ipKaymn2sadVoNtipqkHqmiOThKfbFIMbw1dMgMsae9GoCOwCHmymAnVaU_0r3_LXI2FFP9HO27R2dSQsra5T357yHAkdtAMcdCuAB7kPbvwsqzQmeLrCvyG1vgQ6-MPHy6BknHLQUelgUS6S0lSMr-u329uH3Ajp66okdrdThzi9dhIyt3e5V-ViARjTtgQ6RLHbwv-9l9ABa8LSIK8V0m0-mMOqL-SwxPODGY5aRv921j_dYem13cTOC5A-P-4njAKqvIyKJtpkjSolFwMOanQbMf77uPTmNFDLMI3hrqTMT-3zS2I_rrKtyBwtX5Y5g97m3zQ-m1YQqys3uD01GLcggYNi5sgPUqqeohGuGXiu3AlEk0oOZc0LjsqkeXT5rMQz095uWldWUNIS7eupBVl8Lvg63-YYu6xQtyrLZTcKjPosQvWnmTHtddDRiN4Xffa2YOVB_L9-HY1Sm4v-nwlBwEF6GMzWNobG-EEjQNiuG0gaO0_3JAwxCH5t6tBIos1OnfJVzHpYCwAa44_8XkrECT0xuam1ADDCVTRCbImcEHq0TukGN_Xrk8N1yAvkaUnmYm2jRHyyEgZkcMFM0LsmhflyQdzXbFGqHl0VZqhe66lFypTTB9cRoMJkhFIUHnllwSqY6zb_1_pdryaVqncUjfGMcdUADnFGeCjco94-85xOehudhdZp1jvX2KS7bdyhUND4_WoUPnj8BzE6R_dWB4tMoSAfznleJ3RecrZkC4ZHTBZgf4Z7aJQOF5LlCNVC4AY7z82MWJIK6yUu6IXLjI-gXHA7lWW0ZOPe431MvsiXAKkKFtYqDOsKT7C7S2Sc3_NUAP9o-dV0wfoF4QQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 11:00:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dgxVybDPwUJQZ65rW7L__bFzlAK4tpKIITZcMGikn9uyAhb9_LrEwVzq1YOBcHPuemc7v7z7BRrM71BpgqP3V7DEDEtgWQVUlChESTyZkEV-NgQbuoq16ODUlVG_2VXcWRXWgaK93eTmOwh8jqrwfwSvSaW2LLL6Haw6zbGJWViM6A-Lgt2lsNQSGs3sl83LGJYSH...
dozubatan.com/impression/ 43 B
325 B 14ms
14ms Image
image/gif 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dozubatan.com/impression/dgxVybDPwUJQZ65rW7L__bFzlAK4tpKIITZcMGikn9uyAhb9_LrEwVzq1YOBcHPuemc7v7z7BRrM71BpgqP3V7DEDEtgWQVUlChESTyZkEV-NgQbuoq16ODUlVG_2VXcWRXWgaK93eTmOwh8jqrwfwSvSaW2LLL6Haw6zbGJWViM6A-Lgt2lsNQSGs3sl83LGJYSHeCbpOk_ID_qQQ9yyP2Ym7BIq8RA-lPruGfkuYF557nbqDSXWc1UhoEoK3kfgsJTpP154KkVehDIQFcefYa7wsWdvAfIwF4Euc_f7E_dMs-qiquXTVmlxfFhGkJEFC64497TtYWhZMK99b6nZNkYqS93DxXNyjhOR8rVgCDbgueZF2Xozi0255KwYoWi6Wh8Sg==?_z=4026128&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=http%3A%2F%2Fjefans.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://jefans.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-trace-id: d6008f06f5ee6b2466b488f22416ed3b
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:39 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame 040C 2 KB
3 KB 14ms
14ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: dozubatan.com
URL: https://dozubatan.com/400/4026128
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 11:00:39 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H2 200 4026128 Show response
dozubatan.com/500/ 3 KB
2 KB 23ms
23ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/500/4026128?excludes=9730266&oaid=c745f587d3ce49c09ef0969d2c47bfef&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=http%3A%2F%2Fjefans.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4026128

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

45897b801172f048216cbd80ba3c3893239a8ef776cf6f6863e2698df2a3fe31

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://jefans.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7ae83f3f0eaa6317ce2b0a2e2dd88323
pragma: no-cache
date: Thu, 11 Nov 2021 11:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://jefans.com
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4026128
dozubatan.com/500/ Frame 0
0 13ms
13ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://jefans.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Nov 2021 11:00:39 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: http://jefans.com
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toglooman.com/42	1970-01-20 07:22:44	Name: OAID Value: e6f5d6453d8a4fbfb03588898991017c
toglooman.com/42	1970-01-20 07:22:44	Name: oaidts Value: 1636628433
bedrapiona.com/	1970-01-20 07:22:44	Name: OAID Value: c745f587d3ce49c09ef0969d2c47bfef
bedrapiona.com/	1970-01-20 07:22:44	Name: oaidts Value: 1636628433
my.rtmark.net/	1970-01-20 07:22:44	Name: ID Value: c745f587d3ce49c09ef0969d2c47bfef
toglooman.com/	1970-01-20 07:22:44	Name: scm Value: 1
toglooman.com/	1970-01-20 07:22:44	Name: oaidts Value: 1636628433
.jefans.com/	1970-01-20 16:08:20	Name: _ga Value: GA1.2.1457100288.1636628434
.jefans.com/	1970-01-19 22:38:34	Name: _gid Value: GA1.2.2115133054.1636628434
.jefans.com/	1970-01-19 22:37:08	Name: _gat_gtag_UA_139142569_1 Value: 1
jefans.com/	1970-01-19 22:37:08	Name: prefetchAd_4026131 Value: true
.doubleclick.net/	1970-01-19 22:37:09	Name: test_cookie Value: CheckForPermission
dozubatan.com/	1970-01-20 07:22:44	Name: OAID Value: c745f587d3ce49c09ef0969d2c47bfef
.jefans.com/	1970-01-20 07:58:44	Name: __gads Value: ID=b880da1ed2ffe734-22383b3943cb002b:T=1636628434:RT=1636628434:S=ALNI_MYmKqKW6KY9s8fRbzGAyqUisWBFYg
toglooman.com/	1970-01-20 07:22:44	Name: OAID Value: c745f587d3ce49c09ef0969d2c47bfef
jefans.com/	1970-01-19 22:37:08	Name: prefetchAd_3441487 Value: true

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl15874460.highperformancecpm.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://jefans.com/(Line 627) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displaycontentprofit.com/3031353533313232303161363165636232333030333566383838376535303335/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://jefans.com/(Line 627) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.displaycontentprofit.com/3031353533313232303161363165636232333030333566383838376535303335/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://pl15874460.topprofitablegate.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://www.displaycontentprofit.com/3031353533313232303161363165636232333030333566383838376535303335/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl15874460.topprofitablegate.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://pl15874460.highperformancecpm.com/f6/bc/c3/f6bcc3d3fdc13ad2d4327c44f39d7e5b.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acscdn.com
adservice.google.com
adservice.google.de
ashoupsu.com
assets.bilsyndication.com
audit-tcfv2.quantcast.mgr.consensu.org
bedrapiona.com
biltag.bilsyndication.com
cdn.jsdelivr.net
cdn.onesignal.com
crrepo.com
dozubatan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iclickcdn.com
imasdk.googleapis.com
interst12.com
jefans.com
jouteetu.net
lambingsyddir.com
littlecdn.com
logs.bilsyndication.com
my.rtmark.net
onesignal.com
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
perf.cdnads.com
pixel.wp.com
pl15874460.highperformancecpm.com
pl15874460.topprofitablegate.com
propeller-tracking.com
pseepsie.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
services.bilsyndication.com
static.cdnativepush.com
stats.wp.com
test.quantcast.mgr.consensu.org
toglooman.com
tpc.googlesyndication.com
www.displaycontentprofit.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkonclick.com
youradexchange.com
139.45.195.8
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.240
139.45.197.243
139.45.197.250
139.45.197.251
142.250.186.66
172.255.6.123
18.66.97.22
188.72.201.207
192.0.76.3
192.243.59.13
192.243.59.20
2600:9000:2156:9000:3:a4cd:8380:93a1
2600:9000:2156:9400:9:46dc:4700:93a1
2606:4700:10::6816:1874
2606:4700:20::681a:294
2606:4700:20::681a:394
2606:4700:20::ac43:4b09
2606:4700:3033::ac43:90e8
2606:4700:3038::6815:eb72
2606:4700::6810:5814
2606:4700::6812:e134
2a00:1450:4001:808::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
35.186.193.41
35.190.41.116
87.245.235.49
91.223.82.6
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a
0191a7f660300d020fba49c3660de0b99dfdb687a6ce6588148915233ec15acd
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0500b44b265d89e4c22ebed71192119b312f10077ba82cdc5c12d85aa695f220
07f7a060cbaf75ec4c55cabf14f992902e230bfc21d339e8c59e1eacf5cb2e50
09caef499825d621b4d50291fb2bd9333c915ebad77c1ee6a859345c9046cfc0
0a4a6606857c657e2f659e917ee0c6daf4fa1554a722ac83d7f04807c10fe336
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1a982c82df2d09c6629d76ae5c83bbf9719dfeff2bdda1e51d42a469555dd2f7
1b59f925c75f5294cb4d911771f3edde59c8e6abdb5abb3af8e7a66083633b1c
1f18dfd43166392d53482502d316b91e27215abe16343b0dbc17110becf467d1
2470cb47586fda36c627d32ff037101917f0817709853aa471a28faeb030fcf6
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
281b20888c1f572bb33bc373680d2c10cd185f3d842dcdc7b9fa8253ec6dcf58
299b8e76b97667f71e96658e21de2b2aa690510277ae7ae2226cad7660cd2b20
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b7c7b7cba96de196fe5273dcf4a1f2394ce2185a83930c39d82574a5e2abf7e
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2d7701847a09b85fc13768599351c0cf2e5f4c884b15a1e0aa096c2662b1658e
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
3533562a204bef204eb767e3d7a86ce6468ac6f060b12a9c141003e1af73aa8d
3e07628a0bff02eeff9e768fd55d47c23e11d0fffd2cf928afb31fcc0369f829
3f6a6368fd81d4fa55197df50d59b03087be809f44363c59a28de55797b8b614
400f47b94ac4b3fea4a1e1551cf2f87847fdd9aa75b58bf3a8404048cd2553f1
41b60d2262cffca90f6cd644983a2d813336dc959558bdd6ae54b35ef06dd9fb
44cf1e18bda7ae6f231b4ff884f891b05cc173cae45defa98274c16a6bdc71f8
45897b801172f048216cbd80ba3c3893239a8ef776cf6f6863e2698df2a3fe31
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f68fc51c836d43534035beeab690e3eb581cab3b2fe7d160e8dd6b614dfad63
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5070ac3b366acec9800e3c40c4e1d8284bfb14347e004267715669bdff54ae86
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5e2778d4aa6e69d5502e588c3ee022d8b4fcd5be1c43321e8b0d7d7d70353d25
605ed4d2465e152732b687ef85a17e252a1569bfb09cae6730c533de07a49cb4
62f4f2c0ba5d223ebe6fd9eec6d4454b529c9ee0396a38da0cc375b4a96c68bb
62faf54be09baa50aa7250184e0ca445fae9e79bbc1a2ed17e13bf88a475e0d8
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
68f79d350d5ce1e71fef983cb9c933c5162fa3b55e08c9701cc0786519048a2e
6a905caad4c39cd893b070964a2f151975e82ff19852ad8510c8b45e7deccd1f
6b14209e4ac3cc0145c675fdfa636c2b1823ce5b6d437d06bc3d7f6df73e24ed
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72374edaa409bc39b31238dad3166fbddc8cb00a473c1c02cce87bb0b32108b3
731c982fe2f526eb1cfc47130b9d84b74c1a1038a4a518bcaf70f83ddac162a7
73c577adf0a65f5fac50ec25176d173c319cbe52e63fecf13f0b88ac773ba024
73e373f0c89d23183bc0097f19292c7833eb5d0ed607b9d0d0c4349470d3de2e
75a320b2b64363aa196daa7260f22679b2efc3f9be2c58cf0e8448ac111a962e
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7ba8765927c4784f8d3d7acc4f00a47de9a2c3e47eeceb5da74843e6efad22f2
818266fe4b7bbf0fe187b6190933c99af05829f70c2d6023acab03f8af5a59b0
822950eadfe1b0ea18ebd5550c5494e0164e8fae9fcb92b9fe61502bbf378032
825b428dc12357fdb556fb57435465ccfed97f4ef79f41e75425bda2b7a94d23
83573fe4e1639117194a0c506ca6f041356b29cfdf87ebe2fda19780f289bdb1
8707636ac96ec7ca9f79e8807aa7f8f0f6d9698cb5d8766b451f45218663880f
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996
8de541c3a5a5779a4d58a53e72109a7916ada1b069359d87602ec98c1cf0ac1e
903af7cda9a9f3e6e55071dc51ab2eee44296a534e46378820cb167b4b597910
90f67af89f96997de24b69225c764611b1bca9ca4b9d2129e4626ca128097a5c
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91f0f7c572c50c1d67bfe7df208fdeac695c9c7bafd20d876fc3352c16ccab42
9540aa956bceb42282fffdb23eba7f2118dec72f74baa0650ceaf1a0ed090d90
9716fc326a5af52ade7e33aae3e17a008fc0d16c9f9158de9ef0963fac2af00d
972603cbd460c6d48db6fd9c590b417b949090411cde625c32c62863ed5c8514
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
9e6483c984cdb4dafb969390811d2418233aa26e821e6b7bb51a892e1f01ab67
9f3923a90b38fb5a7be614b5a2fe30e39a30c4b78f7c059cc119fd03e10a2b47
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a229d87ea219a11f4e8fdc066ae4a5a38c674001759fa779d82394cf1d1566b8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af4aee3ddefba0399d8abfed98e1542ae6d4aecc73091e5cf124f6aeffc9fe15
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b1120d33c5555905f10c16db625451efe382d21e8091a46b00a9791005f6a213
b229ce92870ce24154c3dd5cb3666bd3b86c35963ab0a924fb5db1378422b591
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b9ca101c49b57a4d46b3c5b79996f564a8b611bed284217cde2361f6e7b4b3bc
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8fb4b661478893cdc01168684edb65856d41eff4281aa41aece0cc1ea1f062
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d48cf0ca8285fdf0160f5e0dc1d6cca870efa9305835d0668fb389eb38b38ddc
d9acf0ffd3ec7320876a9a857c2a2c35e4a8d7985e3de01680d1fcd5f4e7dab7
d9dd92d5c8e808e7d6e44ea23104f3fd299da48f1c926968ab4336bd8188e737
db8821659f8bb147f331d30c9eecc50951e045b5e4210785a9afa9ed8afcd9b7
dc99da913f75c9039bf70c07a07c1c69f319f92e7fec9b6505a3adde456004fc
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e045b801b25884d661e4b57f517777b263868e7e27d61bb966f7de69a0597f6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e708fe12174d8be13093cdb95f27dbb23e1c1f5ecf15cf06d18af852679acee7
e807be593be98816e59ef3be737e6f234361d0b47e0d2a136e13ce812eba2b2b
e8f37268f357d88fc2074ff147ee4649fb2067921719f771537dbdc98dd614d1
eaea8f3fa5400c00d704fc63645650765408f30fa7e72c66b13c1036fb6d7e02
edb98bbb7496d8d68e5136e08bc2234749d88c3c3a00827c4b15ad695c646050
ef643095f5b431c2f246009061dbbed79be1f2a3fbf7b96ec550bf3021b508db
efe96b925aac113eab9c6cdc355ef07ee9a832442ac638961f025f814c55833b
f2b8f0d67e553a0dd5b8fc45cef1c3e39c6a1d8c4e60050e1df5fa6c582f0068
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f776d027abb091796568ba0c5124bb0da9f926bf3a3d6f0c24727ca529b06d59
f7d1cdafe82d5dcc0fcd5583501d8e56ca0a0986bdd068f93b1e9e0b015ad697
fdf4726321914d65ac988b2a5c33e048421c8369fa40d987321c1a602f798b39
ff17fae67a8461e89b15329dfc863d7c1f75dcc594b897d5cbcc1cc2a3323cfc
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

jefans.com Open in urlscan Pro 91.223.82.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

160 Requests

49 %HTTPS

51 %IPv6

38 Domains

49 Subdomains

44 IPs

4 Countries

3434 kBTransfer

7581 kBSize

16 Cookies

4 Outgoing links

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jefans.com Open in urlscan Pro
91.223.82.6 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

49 %
HTTPS

51 %
IPv6

38
Domains

49
Subdomains

44
IPs

4
Countries

3434 kB
Transfer

7581 kB
Size

16
Cookies

160 HTTP transactions
1 data transactions