Submitted URL: http://redshifttrade.us/
Effective URL: https://redshifttrade.us/
Submission: On April 13 via manual from PH

Summary

This website contacted 21 IPs in 4 countries across 16 domains to perform 108 HTTP transactions. The main IP is 198.54.116.63, located in United States and belongs to NAMECHEAP-NET, US. The main domain is redshifttrade.us.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 14th 2021. Valid for: a year.
This is the only time redshifttrade.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
29 redshifttrade.us 1 redirects redshifttrade.us
12 cdn1.telesco.pe xn--r1a.website
11 tlgr.org xn--r1a.website
9 www.youtube.com redshifttrade.us
www.youtube.com
7 rf.revolvermaps.com redshifttrade.us
rf.revolvermaps.com
6 client.crisp.chat redshifttrade.us
client.crisp.chat
4 www.gstatic.com redshifttrade.us
translate.googleapis.com
www.youtube.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
srcdoc
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com redshifttrade.us
www.googletagmanager.com
3 fonts.gstatic.com www.youtube.com
fonts.googleapis.com
3 xn--r1a.website redshifttrade.us
tlgr.org
2 cdn4.telesco.pe xn--r1a.website
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 widget.supercounters.com redshifttrade.us
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.googleapis.com xn--r1a.website
1 www.supercounters.com widget.supercounters.com
1 translate.google.com redshifttrade.us
108 22

This site contains links to these domains.

Domain
translate.google.com
www.instagram.com
t.me
Subject | Issuer | Validity | Valid
redshifttrade.us | Sectigo RSA Domain Validation Secure Server CA | 2021-02-14 - 2022-02-14 | a year
*.google-analytics.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.revolvermaps.com | R3 | 2021-02-05 - 2021-05-06 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-22 - 2021-07-22 | a year
crisp.chat | Cloudflare Inc ECC CA-3 | 2020-08-08 - 2021-08-08 | a year
upload.video.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
xn--r1a.website | R3 | 2021-03-02 - 2021-05-31 | 3 months
*.supercounters.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-24 - 2022-09-26 | 2 years
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
tlgr.org | R3 | 2021-03-17 - 2021-06-15 | 3 months
*.telesco.pe | Go Daddy Secure Certificate Authority - G2 | 2020-03-10 - 2022-04-13 | 2 years
*.g.doubleclick.net | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.doubleclick.net | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
www.google.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months
edgestatic.com | GTS CA 1O1 | 2021-03-16 - 2021-06-08 | 3 months

This page contains 5 frames:

Primary Page: https://redshifttrade.us/
Frame ID: 09E097C666634CC3137B86E79D87E1D7
Requests: 63 HTTP requests in this frame

Frame: https://www.youtube.com/embed/-IQ-8ksO0uA
Frame ID: E503A83B4267FE804DB99BA588F8AD3B
Requests: 17 HTTP requests in this frame

Frame: https://xn--r1a.website/s/redshifttrade
Frame ID: 8EE325EC7ACC6AA23C4EF6E3159907D8
Requests: 33 HTTP requests in this frame

Frame: https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Frame ID: 7A35296718D6C22C099FF35BF54DB72D
Requests: 4 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: B77B816BD693E795CD476CE3812128EE
Requests: 1 HTTP requests in this frame

Page URL History

  1. http://redshifttrade.us/ HTTP 301
    https://redshifttrade.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+class="[^"]*(?:uk-container|uk-section)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

108
Requests

99 %
HTTPS

75 %
IPv6

16
Domains

22
Subdomains

21
IPs

4
Countries

2745 kB
Transfer

6679 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://redshifttrade.us/ HTTP 301
    https://redshifttrade.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
redshifttrade.us/
Redirect Chain
  • http://redshifttrade.us/
  • https://redshifttrade.us/
59 KB
11 KB
Document
General
Full URL
https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
4aa95019f9925c17823296d2544f8ea785f3cb1e6368757b8dc9b3bfe0300324

Request headers

:method
GET
:authority
redshifttrade.us
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:09 GMT
server
Apache
last-modified
Sat, 10 Apr 2021 06:56:22 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
11359
content-type
text/html

Redirect headers

date
Tue, 13 Apr 2021 03:27:09 GMT
server
Apache
location
https://redshifttrade.us/
content-length
233
content-type
text/html; charset=iso-8859-1
uikit.min.js
redshifttrade.us/js/vendors/
130 KB
41 KB
Script
General
Full URL
https://redshifttrade.us/js/vendors/uikit.min.js
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
2e20d5699ee7575d3ba7f020ce63869e10b7cfe9b5f563b6c8df0b2372404391

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
41883
uikit.min.css
redshifttrade.us/css/vendors/
237 KB
26 KB
Stylesheet
General
Full URL
https://redshifttrade.us/css/vendors/uikit.min.css
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
c795784276c739b442178903570af49a4fbf5235dd4a06584aecfe3b08edce4b

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:36:24 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
none
content-length
26938
style.css
redshifttrade.us/css/
133 KB
22 KB
Stylesheet
General
Full URL
https://redshifttrade.us/css/style.css
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
4c41dd1b081f08e8834dba06d58101fff5e15c994df697a9fecf972d5d89c06e

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:36:24 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
none
content-length
22427
fa-brands-400.woff2
redshifttrade.us/fonts/
75 KB
75 KB
Font
General
Full URL
https://redshifttrade.us/fonts/fa-brands-400.woff2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Origin
https://redshifttrade.us
Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
accept-ranges
bytes
content-length
76612
content-type
font/woff2
fa-solid-900.woff2
redshifttrade.us/fonts/
78 KB
78 KB
Font
General
Full URL
https://redshifttrade.us/fonts/fa-solid-900.woff2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin
https://redshifttrade.us
Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
accept-ranges
bytes
content-length
79444
content-type
font/woff2
inter-v2-latin-regular.woff2
redshifttrade.us/fonts/
17 KB
17 KB
Font
General
Full URL
https://redshifttrade.us/fonts/inter-v2-latin-regular.woff2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
44fc4fed0b7984a791c7ef112d59885b3f891fae11859f465ad236b9a5d28fb3

Request headers

Origin
https://redshifttrade.us
Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
accept-ranges
bytes
content-length
16904
content-type
font/woff2
inter-v2-latin-500.woff2
redshifttrade.us/fonts/
17 KB
17 KB
Font
General
Full URL
https://redshifttrade.us/fonts/inter-v2-latin-500.woff2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
ac8ff91d67397bfcf542f0d59a6b1f97d0666f44fe9eb02d82f614d87f2bc496

Request headers

Origin
https://redshifttrade.us
Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
accept-ranges
bytes
content-length
17728
content-type
font/woff2
inter-v2-latin-700.woff2
redshifttrade.us/fonts/
18 KB
18 KB
Font
General
Full URL
https://redshifttrade.us/fonts/inter-v2-latin-700.woff2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
af3b3cbe273de7c79ed7fb4a85abdb5fb60a391302828284c9035d3a407f7cd9

Request headers

Origin
https://redshifttrade.us
Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:16 GMT
server
Apache
accept-ranges
bytes
content-length
17924
content-type
font/woff2
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-191795073-2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0b42689184bb8eac7fdecb61c0313c621b948521c2c24118dcb3351f3c71763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39121
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Apr 2021 03:27:10 GMT
in-lazy.gif
redshifttrade.us/img/
62 B
182 B
Image
General
Full URL
https://redshifttrade.us/img/in-lazy.gif
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
47b7befcec2f2dde8bae8ab0e46878b1986247c47df68343353ce18c2e805b78

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:18 GMT
server
Apache
accept-ranges
bytes
content-length
62
content-type
image/gif
element.js
translate.google.com/translate_a/
4 KB
2 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
d9fa8b7840d5568cbf60193e899e00c2c1c1648e480bae6dce8a94d1cb943609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1876
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
in-liquid-7-mockup.png
redshifttrade.us/img/
59 KB
59 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-7-mockup.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
7b71b7935ef704b5486f7eddc61dd833f465ba11523c99470a5333dfa6d30ae6

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
last-modified
Fri, 29 Jan 2021 05:07:26 GMT
server
Apache
accept-ranges
bytes
content-length
60607
content-type
image/png
0.js
rf.revolvermaps.com/0/0/
1 KB
1 KB
Script
General
Full URL
https://rf.revolvermaps.com/0/0/0.js?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
c262f27abcd636af1c3c20b4b19c55e28b206e29b4c75269d3f1aed51710f81a

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Sep 2014 15:31:19 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
720
online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
https://widget.supercounters.com/ssl/online_i.js
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4771
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096adddbef00004ea965a65000000001
last-modified
Tue, 11 Jul 2017 06:49:04 GMT
server
cloudflare
etag
W/"596474e0-109e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cqFwp9oU%2BTAFwanjS1FZ4ZEua3H3toskhtL064bpC4v9s%2BmUM%2BOthiDrwHlkDAsqFlysnS6cQQeaza4V%2F3ZGPnzCILr3mRGRWTQS3W3hJYE3vQgDDZ98%2Fziz3eMTTrUCL8j5KJI%3D"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
63f198d97ceb4ea9-FRA
blockit.min.js
redshifttrade.us/js/vendors/
11 KB
3 KB
Script
General
Full URL
https://redshifttrade.us/js/vendors/blockit.min.js
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
0cdc45414faebd39996b7ba015fad00da0624a56b9bca698ef124afdb66921d4

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 05:07:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
3409
config-theme.js
redshifttrade.us/js/
2 KB
982 B
Script
General
Full URL
https://redshifttrade.us/js/config-theme.js
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
0a2a1eb7fd5d18792ee125deb8f6e2156bead14cb7249ce21676d9f1511b7658

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
gzip
last-modified
Fri, 29 Jan 2021 05:07:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
825
l.js
client.crisp.chat/
8 KB
3 KB
Script
General
Full URL
https://client.crisp.chat/l.js
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47aa96b51209d8f0c759a15da938402b6ccdaa3949bdfacb9660c4a9f7e6631
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
63329
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096adddbef000005bb0c98c000000001
last-modified
Mon, 12 Apr 2021 09:51:03 GMT
server
cloudflare
etag
W/"60741807-1e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=86400
access-control-allow-credentials
false
cf-ray
63f198d97b0c05bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Wed, 14 Apr 2021 03:27:10 GMT
gtm.js
www.googletagmanager.com/
74 KB
29 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6D33N9
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd658c9ddb92935566c0fca89d3bd5f640584a5f8a545686d6ab3dfa49bd7d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29748
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Apr 2021 03:27:10 GMT
js
www.googletagmanager.com/gtag/
128 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZKVZ97CYDE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6D33N9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89ec8ad066b71b7e92e23c3308ed72dc3506c4a4006b3468c6ea37783b731287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50372
x-xss-protection
0
expires
Tue, 13 Apr 2021 03:27:10 GMT
js
www.googletagmanager.com/gtag/
128 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HTMQQJGY8B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6D33N9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77e5490026bdea69953da0b5e9e6cd13aff5d39f34ff2c372251821ec0599fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50355
x-xss-protection
0
expires
Tue, 13 Apr 2021 03:27:10 GMT
client.js
client.crisp.chat/static/javascripts/
383 KB
83 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/client.js?f49ba90
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee6dbd6ac08a3dcf4f5b044d5a27bbf397e485ee8ff4445d14eb8bd48be4386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
63329
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096adddc66000005bbd636a000000001
last-modified
Mon, 12 Apr 2021 09:51:03 GMT
server
cloudflare
etag
W/"60741807-5fb21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
63f198da3bd205bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Apr 2031 03:27:10 GMT
client_default.css
client.crisp.chat/static/stylesheets/
324 KB
36 KB
Stylesheet
General
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?f49ba90
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab05a30bd45cd08814e10a3f5d81b8624492907d4a70dfdcdb9d433b552c20d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
63329
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096adddc67000005bb00a8d000000001
last-modified
Mon, 12 Apr 2021 09:51:03 GMT
server
cloudflare
etag
W/"60741807-50e5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
63f198da3bd305bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Apr 2031 03:27:10 GMT
collect
www.google-analytics.com/g/
0
74 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZKVZ97CYDE&gtm=2oe3v0&_p=696943844&sr=1600x1200&ul=en-us&cid=1717339110.1618284431&_s=1&dl=https%3A%2F%2Fredshifttrade.us%2F&dt=Welcome%20To%20Redshift%20Trade%20LTD%20%7C%20Trade%20Cryptocurrency%2C%20Forex%20%26%20CFD%27s%20On%20Autopilot&sid=1618284430&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKVZ97CYDE&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 03:27:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redshifttrade.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
127 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HTMQQJGY8B&gtm=2oe3v0&_p=696943844&sr=1600x1200&ul=en-us&cid=1717339110.1618284431&_s=1&dl=https%3A%2F%2Fredshifttrade.us%2F&dt=Welcome%20To%20Redshift%20Trade%20LTD%20%7C%20Trade%20Cryptocurrency%2C%20Forex%20%26%20CFD%27s%20On%20Autopilot&sid=1618284430&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HTMQQJGY8B&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 03:27:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redshifttrade.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-191795073-2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5734
date
Tue, 13 Apr 2021 01:51:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Tue, 13 Apr 2021 03:51:36 GMT
collect
www.google-analytics.com/j/
1 B
282 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=696943844&t=pageview&_s=1&dl=https%3A%2F%2Fredshifttrade.us%2F&ul=en-us&de=UTF-8&dt=Welcome%20To%20Redshift%20Trade%20LTD%20%7C%20Trade%20Cryptocurrency%2C%20Forex%20%26%20CFD%27s%20On%20Autopilot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=2132871808&gjid=1787099654&cid=1717339110.1618284431&tid=UA-191795073-2&_gid=375390498.1618284431&_r=1&gtm=2ou3v0&z=192866420
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Apr 2021 03:27:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redshifttrade.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 02:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1842
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 13 Apr 2021 03:56:29 GMT
main.js
translate.googleapis.com/translate_static/js/element/
4 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 02:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2682
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Thu, 25 Feb 2021 22:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 13 Apr 2021 03:42:29 GMT
-IQ-8ksO0uA
www.youtube.com/embed/ Frame E503
50 KB
21 KB
Document
General
Full URL
https://www.youtube.com/embed/-IQ-8ksO0uA
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1452a015ca827373148d1f05084fac40373220c8bcff3766c3b593333b4a8851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/-IQ-8ksO0uA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://redshifttrade.us/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 13 Apr 2021 03:27:11 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=SeRIIUJtjbU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=qaGPXhkuJEQ; Domain=.youtube.com; Expires=Sun, 10-Oct-2021 03:27:11 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+366; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redshifttrade
xn--r1a.website/s/ Frame 8EE3
61 KB
11 KB
Document
General
Full URL
https://xn--r1a.website/s/redshifttrade
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
0a4cbab79f382da32b45ec37f01567da70f4903a0cb12f5859f3bf6cc618d606
Security Headers
Name Value
Strict-Transport-Security max-age=35768000 max-age=0

Request headers

Host
xn--r1a.website
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://redshifttrade.us/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 13 Apr 2021 03:27:11 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Cache-control
no-store
Strict-Transport-Security
max-age=35768000 max-age=0
Content-Encoding
gzip
in-liquid-slide-bg.png
redshifttrade.us/img/
85 KB
85 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-slide-bg.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
74fcc48fc65107aa9c18331c7841cc95eaa59f3f4bf9d1616eb54c30bccce2d8

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:11 GMT
last-modified
Fri, 29 Jan 2021 05:07:42 GMT
server
Apache
accept-ranges
bytes
content-length
87327
content-type
image/png
in-liquid-7-bg.png
redshifttrade.us/img/
138 KB
139 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-7-bg.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
92c035efe2e6184801be4bdb7597abc1898f461ea6336ac19327172c58e14cb5

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:11 GMT
last-modified
Fri, 29 Jan 2021 05:07:30 GMT
server
Apache
accept-ranges
bytes
content-length
141690
content-type
image/png
in-liquid-card-bg.png
redshifttrade.us/img/
15 KB
15 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-card-bg.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
d44d2e0f6b3740a2f7eb77b8b6d49bbf3b898e4e2e220906505907d2bae54f41

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:11 GMT
last-modified
Fri, 29 Jan 2021 05:07:26 GMT
server
Apache
accept-ranges
bytes
content-length
15131
content-type
image/png
in-liquid-5-bg.png
redshifttrade.us/img/
19 KB
19 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-5-bg.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
d999596076e920fba38a2515073340fb894212799db4d39d4c62767378a304d2

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:11 GMT
last-modified
Fri, 29 Jan 2021 05:07:26 GMT
server
Apache
accept-ranges
bytes
content-length
19780
content-type
image/png
fc.php
www.supercounters.com/
28 B
279 B
Script
General
Full URL
https://www.supercounters.com/fc.php?id=1609911&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ref=&url=https%3A%2F%2Fredshifttrade.us%2F&sw=1600&sh=1200&rand=22
Requested by
Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.4.13
Resource Hash
b8202dbf11d6a1e1e2053569a938cf6c9a048046d5ebb8e20616865f0eb520fd

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
c.php
rf.revolvermaps.com/js/
43 B
289 B
Image
General
Full URL
https://rf.revolvermaps.com/js/c.php?i=5ot78eywop2
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:11 GMT
Last-Modified
Tue, 13 Apr 2021 03:27:11 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
r.php
rf.revolvermaps.com/js/
43 B
215 B
Image
General
Full URL
https://rf.revolvermaps.com/js/r.php?i=5ot78eywop2&l=https%3A%2F%2Fredshifttrade.us%2F&r=1618284431817
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:11 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=98
Content-Length
43
Content-Type
image/gif
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9013420951bd8d131a0721dab55ff27b37d3b4cae4bd67f5ccd177ed37f4623a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c4c0efe6a994665b234f55765562be057caf685176a89acdbe5c68c408ff301

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b85bcb075a13466616c573a91f310265b48c0879b56e003d4d3b7c421eee188

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6368f6246fd9a23729b2507b796740811adf20b635ec21556c315160d5be64b0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f320cdcf165a64a73a9a84905c4261c8d3fa07c39c7d0c03ec4194e33dc09676

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28efedd94986159d3582bdf9517da0d2242d64771d163a989b5c785be49a1be2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ef2e8acfa202a147acea4d0116c84a0dff35cfcef1ba3843dc01a395ac76b15

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
client.crisp.chat/settings/website/e400238a-2f2a-4a7e-a565-89f21e1d81e7/prelude/
78 B
362 B
Script
General
Full URL
https://client.crisp.chat/settings/website/e400238a-2f2a-4a7e-a565-89f21e1d81e7/prelude/?callback=window.%24crisp.__spool.website_handler&2021-3-13-5-27
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?f49ba90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0514be156f4dcb18d068d671e6fc80fdc43612afd55806deacad2270819a43e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096adde292000005bbde21f000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
63f198e41f4f05bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 13 Apr 2021 07:27:12 GMT
element_main.js
translate.googleapis.com/element/TE_20210224_00/e/js/element/
250 KB
90 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 20:56:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23457
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91310
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 18:08:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Apr 2022 20:56:15 GMT
a.php
rf.revolvermaps.com/w24/a/ Frame 7A35
4 KB
2 KB
Document
General
Full URL
https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Requested by
Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/0/0/0.js?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
868249e2514339702a65eeda3cf32915a1d6e7c32412514ef62ac386eb5885f3

Request headers

Host
rf.revolvermaps.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://redshifttrade.us/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Server
Apache
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
1860
Keep-Alive
timeout=4, max=97
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
www-player-webp.css
www.youtube.com/s/player/2cea24bf/ Frame E503
357 KB
52 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/2cea24bf/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5421a0a28d791c01667d1dcc004a7fe6afae973c9b08d31e3d8aa663b6097330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45700
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53672
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:45:32 GMT
www-embed-player.js
www.youtube.com/s/player/2cea24bf/www-embed-player.vflset/ Frame E503
184 KB
65 KB
Script
General
Full URL
https://www.youtube.com/s/player/2cea24bf/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e7878e1663715360661d68893e34f41b705c615c3a5594d37c2e685dbf13360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45700
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66660
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:45:32 GMT
base.js
www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/ Frame E503
2 MB
514 KB
Script
General
Full URL
https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b76a2dd7b5dbe0aaae16dc3c414486896335ccb82f0c9a4e0f0ff3739fbddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45662
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
526448
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:46:10 GMT
fetch-polyfill.js
www.youtube.com/s/player/2cea24bf/fetch-polyfill.vflset/ Frame E503
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/2cea24bf/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:45:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45700
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:45:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E503
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
149014
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
in-liquid-icon-9.svg
redshifttrade.us/img/
2 KB
648 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-9.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
c8aea179fda610cf1460d882c700c34ef4107305040d3a3af5028c11e9a2d0ce

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:31:00 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
501
in-liquid-slide-3.svg
redshifttrade.us/img/
24 KB
8 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-slide-3.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
0341f4e640aedbf4079f74165ead2c155166ed2759d91ebc735936bc178ac4ba

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:36:24 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
7970
logo-1.png
redshifttrade.us/img/
13 KB
13 KB
Image
General
Full URL
https://redshifttrade.us/img/logo-1.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
26575eb68b1dbbbbc8e0a4e6a9ea0e2c2bdae9ebdce96767d6b1b8a518c25e19

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
last-modified
Fri, 09 Apr 2021 21:38:22 GMT
server
Apache
accept-ranges
bytes
content-length
13110
content-type
image/png
in-liquid-icon-7.svg
redshifttrade.us/img/
2 KB
817 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-7.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
0006d7110917ac772e0ee2d06a6ebfa4754bad0f464b73d2d22f68238712e6c8

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:30:54 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
670
in-liquid-icon-8.svg
redshifttrade.us/img/
841 B
525 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-8.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
7042a4ffb35e8881911b44fffb6611c12543278333861a83e925a1744b4692b0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:30:50 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
378
in-liquid-icon-10.svg
redshifttrade.us/img/
2 KB
986 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-10.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
dff8fe4c5a9625caa99205862c64d90ce6b79406f124f9510c92e61e732e2d63

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:31:06 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
839
in-liquid-icon-5.svg
redshifttrade.us/img/
2 KB
834 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-5.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
62f1996e798c66ddbd30f84ce18d739c1f7efcf068f43f26cf8bd4cd8b548a7e

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:30:22 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
687
in-liquid-icon-6.svg
redshifttrade.us/img/
1 KB
691 B
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-icon-6.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
b7d845189ebfb4d981c5e089b6531162ca51600610a7934b1ae33ddeef7f9259

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:30:18 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
544
in-liquid-object-4.svg
redshifttrade.us/img/
303 KB
45 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-object-4.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
203749d422d25eb305384899c2adf50b627a62122e041006e65a99c0eef5650b

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:30:08 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
none
content-length
45675
css
fonts.googleapis.com/ Frame 8EE3
4 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 13 Apr 2021 03:21:36 GMT
server
ESF
date
Tue, 13 Apr 2021 03:27:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Apr 2021 03:27:12 GMT
widget-frame.css
tlgr.org/css/ Frame 8EE3
67 KB
15 KB
Stylesheet
General
Full URL
https://tlgr.org/css/widget-frame.css?45
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
d73efe70be2927ba40fb4617468ffa04712439f55dd935568313ce4a09320418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:12 GMT
telegram-web.css
tlgr.org/css/ Frame 8EE3
21 KB
5 KB
Stylesheet
General
Full URL
https://tlgr.org/css/telegram-web.css?19
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
2892a779cee25c3a681f6c8d4c779f0e8632741aec6485a87da48000d84b96c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
text/css
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:12 GMT
LlT_ufdEZyOTA6uy8ebXrOnxZSZpszR82G-85keFos-LaYS4Ea9VZbaktr41Bfo6zZDevOFZwpuJJBKSnD8f5Y6AvaTWR01W1bWVbepAMypPrkWA6IR-hYtgyMBjzSzfVO8BbutBEPmQ7MstxHfFZ5gHsi46HEGYMzguXTlKB80CT-toPX9_rjhe50hw5gMzrFLYF...
cdn1.telesco.pe/file/ Frame 8EE3
9 KB
9 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/LlT_ufdEZyOTA6uy8ebXrOnxZSZpszR82G-85keFos-LaYS4Ea9VZbaktr41Bfo6zZDevOFZwpuJJBKSnD8f5Y6AvaTWR01W1bWVbepAMypPrkWA6IR-hYtgyMBjzSzfVO8BbutBEPmQ7MstxHfFZ5gHsi46HEGYMzguXTlKB80CT-toPX9_rjhe50hw5gMzrFLYFkUC7b8IjWNMUkS6m5JJNS2hQBYej1LXeiNZbtSBfcd8rzsJGpK-ZJn2iFlNH1_SaHRa2eSy5yzVrYBeDHP8gZzFjbMc38l9Wm09s-maE6rmTAo9_Zu_aKoQHwgJKExUR1DM5Q4m_06ZHDAYvg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d3808f45c24bcd89b636a3b1337cf482f713ce40b432a06c77d312ee0c5f4a40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Thu, 11 Mar 2021 10:34:29 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-9097, bytes
Content-Length
9097
Expires
Thu, 13 May 2021 03:27:14 GMT
jquery.min.js
tlgr.org/js/ Frame 8EE3
94 KB
34 KB
Script
General
Full URL
https://tlgr.org/js/jquery.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:12 GMT
jquery-ui.min.js
tlgr.org/js/ Frame 8EE3
96 KB
28 KB
Script
General
Full URL
https://tlgr.org/js/jquery-ui.min.js
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
eb46d82ef6f86859f18e379660e0f45b85c6f69fa97111905f0c125a08506376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:13 GMT
tgsticker.js
tlgr.org/js/ Frame 8EE3
14 KB
4 KB
Script
General
Full URL
https://tlgr.org/js/tgsticker.js?24
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
7af53d7077c16f6ad9efd63a975749c4835ce6e495c337fa4176f15ed385f80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:13 GMT
widget-frame.js
tlgr.org/js/ Frame 8EE3
81 KB
20 KB
Script
General
Full URL
https://tlgr.org/js/widget-frame.js?45
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
4d5a7a3357dea74f080addcfbfcea19dc7bc87959956bc4ff2c379f7ee8c59a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:13 GMT
telegram-web.js
tlgr.org/js/ Frame 8EE3
11 KB
3 KB
Script
General
Full URL
https://tlgr.org/js/telegram-web.js?10
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
0f661b180cb5ec06a2458d8be5c013a37abe06a0d446945709010132ca813d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Apr 2021 03:27:13 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
914 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 09:24:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
64981
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
825
x-xss-protection
0
expires
Tue, 12 Apr 2022 09:24:11 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
999 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
317693
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
expires
Sat, 09 Apr 2022 11:12:19 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 18:32:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
32083
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1847
x-xss-protection
0
expires
Tue, 12 Apr 2022 18:32:29 GMT
ff0000.png
widget.supercounters.com/images/online/
495 B
984 B
Image
General
Full URL
https://widget.supercounters.com/images/online/ff0000.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb06f21269068cde5dc5b3359d8619725b5929c08095223bcb4447e8019949d8

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1213
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
495
cf-request-id
096adde4a300004ea94c9a7000000001
last-modified
Wed, 23 Sep 2015 04:22:42 GMT
server
cloudflare
etag
"56022912-1ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bt7Ps%2Fji2GNMPVxYra6nqu2GgoZZx3Z%2BbRp13U7rvSnklRy9maF6R6IDeuC%2BMeUDDCCZzmlNGeXBXzI3zxbBct%2BO6D%2BwUvLK4ozMTzupozjZzbQrlzbGDxkf0T7PA25GmClenV0%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63f198e76ee54ea9-FRA
293.png
rf.revolvermaps.com/w24/a/g/2/p/0/ Frame 7A35
387 B
662 B
Image
General
Full URL
https://rf.revolvermaps.com/w24/a/g/2/p/0/293.png
Requested by
Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
5209b680d1d05e5221218f4877061c8074bd3d9773fd3c15564214f531a32c7a

Request headers

Referer
https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:12 GMT
Last-Modified
Wed, 15 Jul 2015 13:53:42 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=96
Content-Length
387
id
googleads.g.doubleclick.net/pagead/ Frame E503
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
922 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64fddea776d051789e51d9aa2aa2dc8f5a89a795b880599a5be48eb739bad0ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 13 Apr 2021 03:27:12 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E503
29 B
406 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:26:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
69
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 13 Apr 2021 03:41:04 GMT
9.png
rf.revolvermaps.com/w24/a/g/2/b/0/ Frame 7A35
163 B
438 B
Image
General
Full URL
https://rf.revolvermaps.com/w24/a/g/2/b/0/9.png
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
3a2d09f5fc7226a77c23d774bc83b118ca85e2c76a547db9581b3f4e0029261f

Request headers

Referer
https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Last-Modified
Wed, 15 Jul 2015 13:51:43 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=290304000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=95
Content-Length
163
remote.js
www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/ Frame E503
97 KB
32 KB
Script
General
Full URL
https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec6ff1ea69b3a469abf3aa04fc67782bbedfff4553bfaeec5ab17534d1f12403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45659
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32717
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:46:14 GMT
CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js
www.google.com/js/th/ Frame E503
33 KB
12 KB
Script
General
Full URL
https://www.google.com/js/th/CaTTKhWvyyg-SKH9ZlOhjZrmYpmMmDgainbYhyo6Eko.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09a4d32a15afcb283e48a1fd6653a18d9ae662998c98381a8a76d8872a3a124a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 09:52:57 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:00:00 GMT
server
sffe
age
149656
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12601
x-xss-protection
0
expires
Mon, 11 Apr 2022 09:52:57 GMT
embed.js
www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/ Frame E503
24 KB
25 KB
Script
General
Full URL
https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62462d078b1e218b56f3714d205ba24a790d66e331ba8d918b459db4e4f8f5e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 14:48:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 00:17:01 GMT
server
sffe
age
45502
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25011
x-xss-protection
0
expires
Tue, 12 Apr 2022 14:48:51 GMT
truncated
/ Frame E503
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnhNox270JPg-6wPHRt7j6cN1vgTTZKtHWAP2QI=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E503
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AAUvwnhNox270JPg-6wPHRt7j6cN1vgTTZKtHWAP2QI=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2442300e38d7ba769c0bd84df112169ae96d70e2803af7eae4db744590c1e025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:13 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4005
x-xss-protection
0
server
fife
etag
"v7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 12 Apr 2021 05:56:40 GMT
sddefault.webp
i.ytimg.com/vi_webp/-IQ-8ksO0uA/ Frame E503
20 KB
20 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/-IQ-8ksO0uA/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/-IQ-8ksO0uA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33cf72f5588c41696b82ab2eb11847b61ccd459eecb05aa071f6924a59778b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:13 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20214
x-xss-protection
0
expires
Tue, 13 Apr 2021 05:27:13 GMT
l
translate.googleapis.com/translate_a/ Frame B77B
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qWC9gadLu8rdHfMYBdGRRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-qWC9gadLu8rdHfMYBdGRRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="TranslateApiHttp"
date
Tue, 13 Apr 2021 03:27:13 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
a.php
rf.revolvermaps.com/w24/b/ Frame 7A35
54 B
205 B
XHR
General
Full URL
https://rf.revolvermaps.com/w24/b/a.php?i=5ot78eywop2&y4t6
Requested by
Host: rf.revolvermaps.com
URL: https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
9b1e9c30163274cf243c8f382e02c73c17afd6339e9445310edc4e1bc5a1a067

Request headers

Referer
https://rf.revolvermaps.com/w24/a/a.php?i=5ot78eywop2&d=2&p=0&b=0&w=293&g=2&f=arial&fs=12&r=0&c0=362b05&c1=ff0000&c2=ffffff&ic0=0&ic1=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Server
Apache
Connection
close
Content-Length
54
Content-Type
text/plain;charset=UTF-8
LVp8twciS7pFFcMX2-Dv8BUfx9UeSTXCQ_WY8N52LYkCleDsJSQxaevaYEQ1Eq381Hm05pc5S6gVcpv5VPG1Hpn_bjJ-NrNoripF7V9N4i8cvluvXJLD8zXCt5nFJrfTUdDS2rkZWHhiGmpwwdj3sgZNPhoKYqvPDKbR-6Tzy48h88mnHOx_PruZ5KIZuNiSop5C8...
cdn1.telesco.pe/file/ Frame 8EE3
66 KB
67 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/LVp8twciS7pFFcMX2-Dv8BUfx9UeSTXCQ_WY8N52LYkCleDsJSQxaevaYEQ1Eq381Hm05pc5S6gVcpv5VPG1Hpn_bjJ-NrNoripF7V9N4i8cvluvXJLD8zXCt5nFJrfTUdDS2rkZWHhiGmpwwdj3sgZNPhoKYqvPDKbR-6Tzy48h88mnHOx_PruZ5KIZuNiSop5C8xvowsF1JmEC7hzCvAoEPAqQX3uLA_7GDqGUxfzjbDZBmwykbuLXPbC0w7-uJJR0kdPGu27SjE0j_F3cagF3hNZoVVdydyQr_8Q7odIi1FmsrTSyVFLVdueQ4fGqTn72C9Ib6ALLWSwuezyRdQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
754c6ef59af2619cd9c8fa58b71580ad20ab56a3f874df16f5c2d4ecab4c1019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Wed, 24 Mar 2021 15:15:36 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-67955, bytes
Content-Length
67955
Expires
Thu, 13 May 2021 03:27:14 GMT
F09F9388.png
tlgr.org/img/emoji/40/ Frame 8EE3
2 KB
3 KB
Image
General
Full URL
https://tlgr.org/img/emoji/40/F09F9388.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
63d569b00425d5fda992e27593d23824d20df423726df326a66b15b6139c08a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 17 Apr 2021 03:27:13 GMT
F09FA496.png
tlgr.org/img/emoji/40/ Frame 8EE3
3 KB
3 KB
Image
General
Full URL
https://tlgr.org/img/emoji/40/F09FA496.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
1d898e8a2883b0d902a6c060575a99ab0318c3bcffb4ad22bfb840990558623a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 17 Apr 2021 03:27:13 GMT
truncated
/ Frame 8EE3
683 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5c639313a20041c6986df07dae08542d6e26be05464cadce13a51141b8a8886

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
B8EIHBTbsaFDq4zEwtY8csBaYTeolnOmdA3j4MHGcUzFjOO6mb9xcgKqUFcRpp4k-lWbkyiQdf2ATbaICyW4q3siB0DI1iRVEUq3kANGEQMPvuqd9HDu3Wiuv044v5TKI00rbniQXSALtlDIb_K96AqWkTlsRg2VlG9I3aoTIsQltDnVC0YFuctM0-DQrzxjamzqc...
cdn1.telesco.pe/file/ Frame 8EE3
84 KB
84 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/B8EIHBTbsaFDq4zEwtY8csBaYTeolnOmdA3j4MHGcUzFjOO6mb9xcgKqUFcRpp4k-lWbkyiQdf2ATbaICyW4q3siB0DI1iRVEUq3kANGEQMPvuqd9HDu3Wiuv044v5TKI00rbniQXSALtlDIb_K96AqWkTlsRg2VlG9I3aoTIsQltDnVC0YFuctM0-DQrzxjamzqc6ZioDq-YN5mMjNWpFcRahVjH9eqiwJED3SsBmPXdhCArBvlX1OdMYVpE3yOWBt3DJ_T7R4z7EagiCBbaE8V47vPUr2d1biMK3UZrPwJlRplWwVupNygLI8QwIasp5GaGCYeKqX_DZPuKypnrg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
36df20f881a3d45cd77b08dac6d1e85f5e28daf97e4eaddcca1d2fe2baad338b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Wed, 24 Mar 2021 15:30:58 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-85734, bytes
Content-Length
85734
Expires
Thu, 13 May 2021 03:27:14 GMT
aPg7RH_rJVbmsJatgJXXntlfYSqzLwr2g0XnHLf2XpHNcRzHKYiQotRSJs5YwM6Tv9JLkFRQ3gojZHl-APcEAbcuj1KefM2oPWIQVPifSJ6F_vXF-xD09piGfyYa8_uBChoXSZW6h_EkuM_5LUg6dshEqdsm1-YycC7gil3bOGQzU0cIu_-JOFoHdlWt7Db40bEEo...
cdn4.telesco.pe/file/ Frame 8EE3
50 KB
51 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/aPg7RH_rJVbmsJatgJXXntlfYSqzLwr2g0XnHLf2XpHNcRzHKYiQotRSJs5YwM6Tv9JLkFRQ3gojZHl-APcEAbcuj1KefM2oPWIQVPifSJ6F_vXF-xD09piGfyYa8_uBChoXSZW6h_EkuM_5LUg6dshEqdsm1-YycC7gil3bOGQzU0cIu_-JOFoHdlWt7Db40bEEoPUtWWmECBnIGLZCWAy9WKYLSJ6S0RiPUHbC0meFyUlOzjrj3xQ2-uMK2DDkhMRajyhWRu8qXo9qjIYmypxEKDSnjQI-Z5rD-sHqbb-kXDZGbmh-y7pfhnEMRbcnNC_HNa0Z9hlogdsXAZ_Mlg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.165.133 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a4b3d88757e99cb6dcecb5a101e9485634ec6a1fa6bbb068987f5bab704348b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Last-Modified
Tue, 13 Apr 2021 03:27:13 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-51436, bytes
Content-Length
51436
Expires
Thu, 13 May 2021 03:27:13 GMT
iVr10WMBjY20M9gVxTkZfVqp54Y3GI09Tpn4I5W4x2MC3GvcWCPSyE3CLb4IzDwNqHTwsyvDDQvHsm5QzM7mAEbbtUPo_A5dG5pmpNZqYXMHEpnfvyqcM2oWvLyzuA2krbEeTHh7cilABEpLcsNDv0BN98hdxsvEZg4RkiPCw0Vfp3YxmwuP54Tvtv67fjxvZ2rVB...
cdn1.telesco.pe/file/ Frame 8EE3
1 KB
2 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/iVr10WMBjY20M9gVxTkZfVqp54Y3GI09Tpn4I5W4x2MC3GvcWCPSyE3CLb4IzDwNqHTwsyvDDQvHsm5QzM7mAEbbtUPo_A5dG5pmpNZqYXMHEpnfvyqcM2oWvLyzuA2krbEeTHh7cilABEpLcsNDv0BN98hdxsvEZg4RkiPCw0Vfp3YxmwuP54Tvtv67fjxvZ2rVBg-EFpZ7Dbi2NNJC0OXPy54q0TA-FvFlpcixegmekcTQGbRoJiaeDkiHhgj0SCkK8pToZT5156MYpD-TAOM4N34ZaEq_G3m516ODL5aJ-LiPhK5v0PBxJRtxJLZtJaouHqrs1xaeQprIg0a6Ug
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f50271f26322eae6ab28b81314c790802655ab4d09da5f17115cc75e6b6cb469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Wed, 16 Oct 2019 21:41:22 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-1198, bytes
Content-Length
1198
Expires
Thu, 13 May 2021 03:27:14 GMT
truncated
/ Frame 8EE3
496 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f48401d810df54d8c06bd7a85a69b65e5403bab8dcb8d7e919f3d31247e5460

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
eqg1NuYSrHlmvv9LOBD0LOdzouOtRaKJ5N0vsXdOILJmInO0JYMC2o89Ejenj8NVFK5HFzsOvgjYPsbwCHksLLHWq9dIjlQcseeBBc4PL1vMWWO4xo44SV-Jw6e_efmUt0J1L7AlQ-Dhe4wJah1oHcYzWobtThUplBzhVpJbTOQqlL0aBX4npr18u5EOAeoWCoZA7...
cdn1.telesco.pe/file/ Frame 8EE3
87 KB
87 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/eqg1NuYSrHlmvv9LOBD0LOdzouOtRaKJ5N0vsXdOILJmInO0JYMC2o89Ejenj8NVFK5HFzsOvgjYPsbwCHksLLHWq9dIjlQcseeBBc4PL1vMWWO4xo44SV-Jw6e_efmUt0J1L7AlQ-Dhe4wJah1oHcYzWobtThUplBzhVpJbTOQqlL0aBX4npr18u5EOAeoWCoZA77FWQfrLVUZjqrds70KiUpKC5R9Sbz2Qmy47m9sUyQ_1ixi9IDvDQvtRY_0Fw5S-u_AWgrPRfKqx1fS5XvX5gO2N3mNQN6BxkDZ5LvjuvT55xhtWxR9baXObimhH62TwWv5rTqGOf7mzJghJIA.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
319431a90e37952bd084389f8239e7a66b99e7a30a39da77aa3e382696f41009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Thu, 25 Mar 2021 09:27:43 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-88603, bytes
Content-Length
88603
Expires
Thu, 13 May 2021 03:27:14 GMT
F09F9187.png
tlgr.org/img/emoji/40/ Frame 8EE3
2 KB
2 KB
Image
General
Full URL
https://tlgr.org/img/emoji/40/F09F9187.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
6c077a89e644603448ef5dc3a85f2bfbaebab7c0fa53ed827e4e39f72f98a310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 17 Apr 2021 03:27:13 GMT
omYl4bnaOJ_qm4ZxNJ5RBpiR2EwwUGQ79h_hEi_7C7vPE1dR6q5UOGB-EbCOPqWDtBWwTgmnXaWNkiAyh3-A60ZP5ruXSYhHGAVjYNj_1_OBzHgoDuykBBoYWqKtdLIV9tM-O-pJJhvi-kTrNCweptevdcWDIlMb5uT7C5zcO2vkunKJiVyv57OXrPrBgdCOQtHJq...
cdn1.telesco.pe/file/ Frame 8EE3
6 KB
7 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/omYl4bnaOJ_qm4ZxNJ5RBpiR2EwwUGQ79h_hEi_7C7vPE1dR6q5UOGB-EbCOPqWDtBWwTgmnXaWNkiAyh3-A60ZP5ruXSYhHGAVjYNj_1_OBzHgoDuykBBoYWqKtdLIV9tM-O-pJJhvi-kTrNCweptevdcWDIlMb5uT7C5zcO2vkunKJiVyv57OXrPrBgdCOQtHJquR-Fck-jm527Muc5zTtINgi5jc67sY1Co25cBx2J_RFd12omqi_3Myrba1ahdvoxlBuStlVgbap0_WXuG4ZxVnMt6mSwkWxXYE_ma59OvNwbJxoRaP0DjNS_s3ZGxnyxPs1BkZQLNwe5tfqIg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c0b395c96a2860953a10cb0e7bed7eb88db9ff1ef584b04ba0eaf48ca1583ae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Sat, 27 Mar 2021 10:19:57 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-6344, bytes
Content-Length
6344
Expires
Thu, 13 May 2021 03:27:14 GMT
uGKlRJ7zR6w_9eF_14mEVbbyDwdOWGlEDjAHUANhIvh-LZAVxtZ6vO0-EnYQIQSIZ_7_l5_YPRCGHROGdp7xZwDFsZHng7zc4QddA---Oo5MxFWBlDZ4T8VrmpkZwoWr_bELTEVZGTK8yHp6tucgqx6JucYnr_kvniLPL9Mki48YiaakxdrJfJBcCc5UohZOXticw...
cdn1.telesco.pe/file/ Frame 8EE3
105 KB
105 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/uGKlRJ7zR6w_9eF_14mEVbbyDwdOWGlEDjAHUANhIvh-LZAVxtZ6vO0-EnYQIQSIZ_7_l5_YPRCGHROGdp7xZwDFsZHng7zc4QddA---Oo5MxFWBlDZ4T8VrmpkZwoWr_bELTEVZGTK8yHp6tucgqx6JucYnr_kvniLPL9Mki48YiaakxdrJfJBcCc5UohZOXticwD_z7dYcJje1RiYQrfMuvDfT2ZETNqzhTvCNg1Ue8pMb9slt7rbSBvVFtQLQ7oOOH9kCw5PgTT3E-f4CLByaQNWH_GZg2t4swmnZaAr7zmAvTYUF6ljU7xThZlHrLGfIyG9hOgjYvo6vGcamfg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4b4a9f7c7e359e90c8902e21184695d76b40584c493468ed54e9217a0173553a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Mon, 29 Mar 2021 23:33:52 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-107234, bytes
Content-Length
107234
Expires
Thu, 13 May 2021 03:27:14 GMT
F09F918D.png
tlgr.org/img/emoji/40/ Frame 8EE3
2 KB
2 KB
Image
General
Full URL
https://tlgr.org/img/emoji/40/F09F918D.png
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
ad1c2f1120499c9fac2443eb5d8eaa85b630f483fbd2ba8d5dee62c22d06a0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=0

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=0
Content-Type
image/png
Cache-Control
max-age=345600
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 17 Apr 2021 03:27:13 GMT
Cm-oDSOinq35gjK-iLEypdxPdONIIklZjf6fOTfGKtWV9cY2XUHh7d3WJdeZXuWfWuH3x6XMuQpsXy5kwvcsniUO2ZeYcTcLS59DAxbpEqdUquXhZvxes0JIo0kP30uGj9grbBFDi2K3E_q0pcxjXse-sPdOWD_igRe8NLDXpVbekChcupIcwwef59w5HAZwR1Vor...
cdn1.telesco.pe/file/ Frame 8EE3
64 KB
65 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/Cm-oDSOinq35gjK-iLEypdxPdONIIklZjf6fOTfGKtWV9cY2XUHh7d3WJdeZXuWfWuH3x6XMuQpsXy5kwvcsniUO2ZeYcTcLS59DAxbpEqdUquXhZvxes0JIo0kP30uGj9grbBFDi2K3E_q0pcxjXse-sPdOWD_igRe8NLDXpVbekChcupIcwwef59w5HAZwR1Vorfcrt9f17nYYkhsIFn4A0RKeJACF3XAOqqFEXsEVk9mD37FVyIfVToZpFMiKpLg6mb3FsU-a6V8h8nO19wUm2KX60UVpeCIsRsyMMt0AnnJKD_LQCYyWgggNzdHdWqOQiUyE1T2285l_RCaVqg.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
562da0b851f7005ebbf6deb75d092e4c8e113643eb53ba526188532caa3bfc0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Tue, 30 Mar 2021 09:53:08 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-65618, bytes
Content-Length
65618
Expires
Thu, 13 May 2021 03:27:14 GMT
tBzJT6O_GFalWkZgNsbgDGXV_ipfHsRw-ew6sWpvQn5gjkH5nss2Uw1k9i3YhOSrCy_q7EWZnvqOWfJuuDZ6qMPJUtro_WD5S003fRLXoD7lmaGiXYZXP4DQNss4d_VcSTyL36tHDantFDnCN6IspQHM2ktKZq2GSWwFvDHiGAJvgf30xT0-ht5u3-fhARm_QqtyV...
cdn4.telesco.pe/file/ Frame 8EE3
82 KB
82 KB
Image
General
Full URL
https://cdn4.telesco.pe/file/tBzJT6O_GFalWkZgNsbgDGXV_ipfHsRw-ew6sWpvQn5gjkH5nss2Uw1k9i3YhOSrCy_q7EWZnvqOWfJuuDZ6qMPJUtro_WD5S003fRLXoD7lmaGiXYZXP4DQNss4d_VcSTyL36tHDantFDnCN6IspQHM2ktKZq2GSWwFvDHiGAJvgf30xT0-ht5u3-fhARm_QqtyVdD5mkrqRYeCJf-Wgag0jpaJFYWtXhiMn0tQYv8NvaGkBRaMXFtJvsPXAvV1NimMi87EcYHnvKlq1AItw8bHOVD7ORry_F0iVry_bK2-CNawYRs6xgBB1YG8FhCileWRGXHwS9lxdlOig4ZzAw.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.165.133 , Antigua And Barbuda, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e937a0a85e0d8b4a733090f3f655ebfd759bf2247af32d16b606606166fb4ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:13 GMT
Last-Modified
Fri, 09 Apr 2021 01:27:53 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-83616, bytes
Content-Length
83616
Expires
Thu, 13 May 2021 03:27:13 GMT
qFLvKAvi5Dea_bwtR88SuOOobBwKhK0Fs1BYHqJYC1MI03Hg3LwjK0LvLCQ11r127rtWUYer42tcAkPJ63pipkQZzI1dw92M2nRPL7VZxMFVWwt53sHZEFqK1cLzsWi_CJ5xVt4SnBpsTkqjFwbZndCKou1VMTFwtH2jf_Nphw6zW2Tmb4mKhSXM5UlhCJiC6Yp-z...
cdn1.telesco.pe/file/ Frame 8EE3
68 KB
68 KB
Image
General
Full URL
https://cdn1.telesco.pe/file/qFLvKAvi5Dea_bwtR88SuOOobBwKhK0Fs1BYHqJYC1MI03Hg3LwjK0LvLCQ11r127rtWUYer42tcAkPJ63pipkQZzI1dw92M2nRPL7VZxMFVWwt53sHZEFqK1cLzsWi_CJ5xVt4SnBpsTkqjFwbZndCKou1VMTFwtH2jf_Nphw6zW2Tmb4mKhSXM5UlhCJiC6Yp-zdq519BXyv5kcv-t-ut8h9Hsg7pzJvsPRiq0P8oso7fbN5kwF3kZEaqEcd020ql5Yv3x_LmdZwxUjoBNv_kCb83nfEE_wh4uYi9cq-o5a9q7Is897NVEmVIP9VuWIySWLMkBSGL0LyYmvBanhQ.jpg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0dab844002f3777727526f76cf7a18edb23dcc5d8345f3b50d6e4d6951a91b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 03:27:14 GMT
Last-Modified
Sat, 10 Apr 2021 04:15:34 GMT
Server
nginx/1.18.0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-69481, bytes
Content-Length
69481
Expires
Thu, 13 May 2021 03:27:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8EE3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--r1a.website
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
22313
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8EE3
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://xn--r1a.website
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
547908
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 06 Apr 2022 19:15:25 GMT
5bec95477c.mp4
cdn1.telesco.pe/file/ Frame 8EE3
63 KB
0
Media
General
Full URL
https://cdn1.telesco.pe/file/5bec95477c.mp4?token=WaZ8TM2m1whvOf2JB8hylS10flyn58GHwNvBu7Ke43Hk9Groiaux5kdZEQdn8KaIdSun2fGazl5gurMGtH8oDheufM6N4yvfmYlJt0CzCc_vZ0LFtnuS5wvgPpvhNqcx92J1EWPsyvNjEJ4iZMDU9c7AKBqdtPEQlWA3nh02SvWn1haTnOYXz5ENnaw0OrFmchwL3u8QdTTYaQfvhcb06l6OzMTlDuk_jYJcPEdNYNH37s0ZNzo83A50mdNm1A6jv0USDRtUGSOHWdZJgvcWjKlGOU4s9DtVibRpn1DFcOwo2hy1B9dk8yxj5SVUAuhzlXtB8wjNV2IUXyoKCO4aAg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Apr 2021 03:27:16 GMT
Last-Modified
Sat, 27 Mar 2021 10:19:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
video/mp4
Content-Range
bytes 0-2509273/2509274
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-2509274
Content-Length
2509274
Expires
Thu, 13 May 2021 03:27:14 GMT
/
xn--r1a.website/v/ Frame 8EE3
4 B
498 B
XHR
General
Full URL
https://xn--r1a.website/v/
Requested by
Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000, max-age=0

Request headers

Accept
*/*
Referer
https://xn--r1a.website/s/redshifttrade
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 13 Apr 2021 03:27:14 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=35768000, max-age=0
Content-Type
application/json; charset=utf-8
Cache-control
no-store
Transfer-Encoding
chunked
Connection
keep-alive
/
client.crisp.chat/settings/website/e400238a-2f2a-4a7e-a565-89f21e1d81e7/
1 KB
901 B
Script
General
Full URL
https://client.crisp.chat/settings/website/e400238a-2f2a-4a7e-a565-89f21e1d81e7/?callback=window.%24crisp.__spool.website_handler&1618053330208
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?f49ba90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d40a4dd2a5539ff3de4184f7efbff3cb6af7a62cc55605a88f07518cdc810fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096addebc3000005bbb120b000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
63f198f2d81105bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Tue, 13 Apr 2021 07:27:14 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E503
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 13 Apr 2021 03:27:14 GMT
generate_204
www.youtube.com/ Frame E503
0
39 B
Image
General
Full URL
https://www.youtube.com/generate_204?zuc0Ew
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:14 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
en.js
client.crisp.chat/static/javascripts/locales/
6 KB
2 KB
Script
General
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?f49ba90
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?f49ba90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df8553ea848b4ef08b889fdcf2018dba4e970eb5e59b1e23e611a97a79233c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
63330
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
096addede7000005bba9a6d000000001
last-modified
Mon, 12 Apr 2021 09:51:03 GMT
server
cloudflare
etag
W/"60741807-17fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=315360000
access-control-allow-credentials
false
cf-ray
63f198f63c1905bb-FRA
access-control-allow-headers
Content-Type, Origin
expires
Fri, 11 Apr 2031 03:27:14 GMT
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
5bec95477c.mp4
cdn1.telesco.pe/file/ Frame 8EE3
50 KB
51 KB
Media
General
Full URL
https://cdn1.telesco.pe/file/5bec95477c.mp4?token=WaZ8TM2m1whvOf2JB8hylS10flyn58GHwNvBu7Ke43Hk9Groiaux5kdZEQdn8KaIdSun2fGazl5gurMGtH8oDheufM6N4yvfmYlJt0CzCc_vZ0LFtnuS5wvgPpvhNqcx92J1EWPsyvNjEJ4iZMDU9c7AKBqdtPEQlWA3nh02SvWn1haTnOYXz5ENnaw0OrFmchwL3u8QdTTYaQfvhcb06l6OzMTlDuk_jYJcPEdNYNH37s0ZNzo83A50mdNm1A6jv0USDRtUGSOHWdZJgvcWjKlGOU4s9DtVibRpn1DFcOwo2hy1B9dk8yxj5SVUAuhzlXtB8wjNV2IUXyoKCO4aAg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d61464662b3f16fa324e788a327b1dad0749a6ed6deb4ec241289e2fc710d761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=2457600-

Response headers

Date
Tue, 13 Apr 2021 03:27:17 GMT
Last-Modified
Sat, 27 Mar 2021 10:19:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
video/mp4
Content-Range
bytes 2457600-2509273/2509274
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-2509274
Content-Length
51674
Expires
Thu, 13 May 2021 03:27:16 GMT
5bec95477c.mp4
cdn1.telesco.pe/file/ Frame 8EE3
79 KB
0
Media
General
Full URL
https://cdn1.telesco.pe/file/5bec95477c.mp4?token=WaZ8TM2m1whvOf2JB8hylS10flyn58GHwNvBu7Ke43Hk9Groiaux5kdZEQdn8KaIdSun2fGazl5gurMGtH8oDheufM6N4yvfmYlJt0CzCc_vZ0LFtnuS5wvgPpvhNqcx92J1EWPsyvNjEJ4iZMDU9c7AKBqdtPEQlWA3nh02SvWn1haTnOYXz5ENnaw0OrFmchwL3u8QdTTYaQfvhcb06l6OzMTlDuk_jYJcPEdNYNH37s0ZNzo83A50mdNm1A6jv0USDRtUGSOHWdZJgvcWjKlGOU4s9DtVibRpn1DFcOwo2hy1B9dk8yxj5SVUAuhzlXtB8wjNV2IUXyoKCO4aAg
Requested by
Host: xn--r1a.website
URL: https://xn--r1a.website/s/redshifttrade
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.154.175.205 , Antigua And Barbuda, ASN59930 (TELEGRAM_MESSENGER, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://xn--r1a.website/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=32768-

Response headers

Date
Tue, 13 Apr 2021 03:27:18 GMT
Last-Modified
Sat, 27 Mar 2021 10:19:57 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
video/mp4
Content-Range
bytes 32768-2509273/2509274
Access-Control-Expose-Headers
Accept-Ranges, Content-Range, Content-Length
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
0-2509274
Content-Length
2476506
Expires
Thu, 13 May 2021 03:27:18 GMT
in-liquid-slide-4.svg
redshifttrade.us/img/
19 KB
7 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-slide-4.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
99944100ee80b612c14826a8234955cd2e326f45332387aac42398444e4ea0a8

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:19 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:36:24 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
6967
in-liquid-slide-4.svg
redshifttrade.us/img/
19 KB
7 KB
Image
General
Full URL
https://redshifttrade.us/img/in-liquid-slide-4.svg
Requested by
Host: redshifttrade.us
URL: https://redshifttrade.us/js/vendors/uikit.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.116.63 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server120-4.web-hosting.com
Software
Apache /
Resource Hash
99944100ee80b612c14826a8234955cd2e326f45332387aac42398444e4ea0a8

Request headers

Referer
https://redshifttrade.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 03:27:19 GMT
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 21:36:24 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
6967
/
xn--r1a.website/v/ Frame 8EE3
4 B
497 B
XHR
General
Full URL
https://xn--r1a.website/v/
Requested by
Host: tlgr.org
URL: https://tlgr.org/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.216.186.40 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.186.216.95.clients.your-server.de
Software
nginx /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=35768000, max-age=0

Request headers

Accept
*/*
Referer
https://xn--r1a.website/s/redshifttrade
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 13 Apr 2021 03:27:24 GMT
Content-Encoding
gzip
Server
nginx
Strict-Transport-Security
max-age=35768000, max-age=0
Content-Type
application/json; charset=utf-8
Cache-control
no-store
Transfer-Encoding
chunked
Connection
keep-alive
log_event
www.youtube.com/youtubei/v1/ Frame E503
28 B
238 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/2cea24bf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/-IQ-8ksO0uA
X-YouTube-Client-Version
1.20210411.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtxYUdQWGhrdUpFUSiPn9SDBg%3D%3D
X-YouTube-Ad-Signals
dt=1618284432825&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKojiwEjW2xUVuRUp78rgURRIviEaYFO-Vh8mJznHqDZ09qeyXJLN3BX_1nPiXGtpmHOA9Vrlil5WZeNUW4He3D70Fyxxw

Response headers

date
Tue, 13 Apr 2021 03:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 13 Apr 2021 03:27:24 GMT

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| $crisp string| CRISP_WEBSITE_ID object| d object| s object| google_tag_manager object| _dollar_crisp object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| googleTranslateElementInit2 object| google function| GTranslateFireEvent function| doGTranslate object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg function| UIkit function| activeMenu function| breadcrumb function| mobileNav function| serialize function| ajaxRequest function| emptyElements function| counterUp function| modalIframe object| _rm5tat30bj_ function| onYouTubeIframeAPIReady object| closure_lm_508121

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
