irachan.xyz Open in urlscan Pro
104.21.4.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://irachan.xyz/
Submission: On October 02 via automatic, source rescanner (October 2nd 2021, 1:05:20 pm UTC) — Scanned from DE

Summary HTTP 153 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 30 domains to perform 153 HTTP transactions. The main IP is 104.21.4.172, located in and belongs to CLOUDFLARENET, US. The main domain is irachan.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 2nd 2021. Valid for: a year.

This is the only time irachan.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.21.4.172 104.21.4.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
7	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
8	104.21.40.186 104.21.40.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.18.16.65 104.18.16.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	45.14.224.146 45.14.224.146	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
2	104.21.234.68 104.21.234.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	13.224.194.224 13.224.194.224	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
13	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
2 2	104.21.23.173 104.21.23.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.21.72.248 104.21.72.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.45.207 104.21.45.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
4	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
2	172.67.176.37 172.67.176.37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.199.111.153 185.199.111.153	54113 (FASTLY) (FASTLY)
4 12	104.19.130.80 104.19.130.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.182.2 172.67.182.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.162.85.1 185.162.85.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	104.16.133.229 104.16.133.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	148.251.13.139 148.251.13.139	24940 (HETZNER-AS) (HETZNER-AS)
8	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	13.224.193.5 13.224.193.5	16509 (AMAZON-02) (AMAZON-02)
2	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	213.174.135.33 213.174.135.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	172.217.18.97 172.217.18.97	15169 (GOOGLE) (GOOGLE)
9	104.18.17.65 104.18.17.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
153	32

2 104.21.4.172 (None, )

ASN13335 (CLOUDFLARENET, US)

irachan.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.21.40.186 (None, )

ASN13335 (CLOUDFLARENET, US)

fastcdn.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
counter.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcdn1.jdi5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.16.65 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.14.224.146 (Amsterdam, Netherlands) 2 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: hosted-by.spectraip.net

directory.wapkiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.68 (None, )

ASN13335 (CLOUDFLARENET, US)

dl6.wapkizfile.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.194.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-224.fra2.r.cloudfront.net

d18t35yyry2k49.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

unfudgetljbf.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.23.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ad.jetx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.21.72.248 (None, )

ASN13335 (CLOUDFLARENET, US)

1337x2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.45.207 (None, )

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.176.37 (United States)

ASN13335 (CLOUDFLARENET, US)

msgose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com

afarkas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.130.80 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.2 (United States)

ASN13335 (CLOUDFLARENET, US)

ipldekho.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.162.85.1 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yfetyg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.133.229 (None, )

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.13.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.139.13.251.148.clients.your-server.de

acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-5.fra2.r.cloudfront.net

hireprecially.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.33 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.17.65 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	adskeeper.com jsc.adskeeper.com c.adskeeper.com servicer.adskeeper.com s-img.adskeeper.com cm.adskeeper.com	373 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	356 KB
13	google-analytics.com www.google-analytics.com	78 KB
12	adskeeper.co.uk 4 redirects cdn.adskeeper.co.uk c.adskeeper.co.uk Failed s-img.adskeeper.co.uk	72 KB
8	jdi5.com fastcdn.jdi5.com counter.jdi5.com imgcdn1.jdi5.com	12 KB
8	googletagmanager.com www.googletagmanager.com	326 KB
7	bootstrapcdn.com maxcdn.bootstrapcdn.com	159 KB
6	wpadmngr.com js.wpadmngr.com	51 KB
6	1337x2.xyz 1337x2.xyz	7 KB
6	unfudgetljbf.xyz unfudgetljbf.xyz	11 KB
6	google.com adservice.google.com www.google.com	2 KB
5	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
4	yfetyg.com yfetyg.com	940 B
4	cloudfront.net d18t35yyry2k49.cloudfront.net	97 KB
2	wmgtr.com i.wmgtr.com	52 KB
2	wpushsdk.com js.wpushsdk.com	6 KB
2	nawpush.com na.nawpush.com	725 B
2	a-ads.com acceptable.a-ads.com static.a-ads.com	5 KB
2	cloudflare.com cloudflare.com	729 B
2	github.io afarkas.github.io	7 KB
2	msgose.com msgose.com	112 KB
2	freychang.fun freychang.fun	1 KB
2	jetx.info 2 redirects ad.jetx.info	1 KB
2	googleadservices.com partner.googleadservices.com	712 B
2	googleapis.com ajax.googleapis.com	61 KB
2	wapkizfile.info dl6.wapkizfile.info	25 KB
2	wapkiz.com 2 redirects directory.wapkiz.com	1 KB
2	irachan.xyz irachan.xyz	15 KB
1	hireprecially.space hireprecially.space	368 B
1	ipldekho.cyou ipldekho.cyou	727 B
153	30

	Domain	Requested by
13	www.google-analytics.com	www.googletagmanager.com counter.jdi5.com www.google-analytics.com irachan.xyz
13	pagead2.googlesyndication.com	irachan.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
9	s-img.adskeeper.com	jsc.adskeeper.com
8	www.googletagmanager.com	irachan.xyz www.googletagmanager.com 1337x2.xyz
7	maxcdn.bootstrapcdn.com	irachan.xyz maxcdn.bootstrapcdn.com
6	js.wpadmngr.com	msgose.com js.wpadmngr.com
6	1337x2.xyz	irachan.xyz
6	unfudgetljbf.xyz	d18t35yyry2k49.cloudfront.net
4	s-img.adskeeper.co.uk
4	c.adskeeper.co.uk
4	cm.adskeeper.com	jsc.adskeeper.com
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	yfetyg.com	msgose.com
4	cdn.adskeeper.co.uk	irachan.xyz jsc.adskeeper.com
4	www.google.com	irachan.xyz tpc.googlesyndication.com
4	counter.jdi5.com	irachan.xyz counter.jdi5.com
4	d18t35yyry2k49.cloudfront.net	irachan.xyz unfudgetljbf.xyz
4	jsc.adskeeper.com	irachan.xyz jsc.adskeeper.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	servicer.adskeeper.com	jsc.adskeeper.com
2	i.wmgtr.com	irachan.xyz msgose.com
2	js.wpushsdk.com	js.wpadmngr.com
2	na.nawpush.com	js.wpadmngr.com
2	imgcdn1.jdi5.com	irachan.xyz counter.jdi5.com
2	cloudflare.com	msgose.com
2	afarkas.github.io	1337x2.xyz
2	msgose.com	1337x2.xyz
2	c.adskeeper.com	jsc.adskeeper.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	freychang.fun	d18t35yyry2k49.cloudfront.net
2	ad.jetx.info	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ajax.googleapis.com	irachan.xyz
2	dl6.wapkizfile.info	irachan.xyz
2	directory.wapkiz.com	2 redirects
2	fastcdn.jdi5.com	irachan.xyz
2	irachan.xyz	irachan.xyz
1	static.a-ads.com	acceptable.a-ads.com
1	hireprecially.space	irachan.xyz
1	acceptable.a-ads.com	ipldekho.cyou
1	ipldekho.cyou	afarkas.github.io
153	42

This site contains links to these domains. Also see Links.

Domain
widgets.adskeeper.com
www.adskeeper.com
wapmash.xyz

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-02` - `2022-10-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
unfudgetljbf.xyz Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
yfetyg.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
hireprecially.space Amazon	`2021-09-22` - `2022-10-20`	a year	crt.sh
na.nawpush.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
js.wpushsdk.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
i.wmgtr.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://irachan.xyz/
Frame ID: F425693B3DEF204CD1218B7D86D0306B
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 9F081C8E44882575558725FBD9D9F29D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3025194257&lmt=1633179912&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913291&bpp=5&bdt=99&idt=123&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2750108737571&frm=20&pv=2&ga_vid=699647040.1633179913&ga_sid=1633179913&ga_hid=1385960328&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=2524957996954334&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=137
Frame ID: 201875C75C5663AFCD560479439EDABD
Requests: 1 HTTP requests in this frame

Frame: https://unfudgetljbf.xyz/N2hKQzVWCikuClZVKGVARQR3ZgdxTXgFUQZQPnAAThE4OgdcXHNtVlsHPydTRQckNxtZDT5mB3EHBAV/TTEmEW1nOnoGVAcpfQUEDhwIFG9yPR00ZngpCw16XDo8BU9QMRgUZFouDhVfchAiIlZcKSUFBA4DDykBZCwODn9TKhMOe0AEIBVkeh8cLgx/OgkBcGc6IiV8YQd4BVJmUR0pVm86CQVjVRB+DXlbWG9xd38fBDt3XzoNF3JmOhMGe3whe3MNcR96KWcEDAgWX0cpLnNzZDIbEQ1mWC4tUVkMCBZceQwaBmNgCxsgZGEECChhcDoCEAZyLxMrGH47AAVSBCoLIAdvEjkLZwUyMxkFdT4vJFFcPiYBXn8sISFzXQQTJwVyACkSb14gPTAQBS4fG1F1PSANZ3o6LQ1TZS4tEkJyUBgpBVIqeQZycS06EVBQOnIRBFMCC3BNcT0SBnJuDwsHeFs9LQReUwUpLlF2PhIsfW0uHxtUZk4gMFpZGHcnb3sZfBZDVj8LKA0
Frame ID: 4B631C57D33B22E4532AB952082194C8
Requests: 2 HTTP requests in this frame

Frame: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
Frame ID: CCB86C53778BB94617345A0AC1955492
Requests: 16 HTTP requests in this frame

Frame: https://irachan.xyz/
Frame ID: 72316618007A6A738C946E0E12DF5965
Requests: 43 HTTP requests in this frame

Frame: https://unfudgetljbf.xyz/cVdGUVcQNSU8aBBqJHciAzt7dGU3cnQXM0BvMmJiCC40KGUaY39/NB04MzUxAzgoJXkfMjJ0ZTc6JT8RQDQDAAU5PzUGMgYOHxQCQG4XYQEyBnUpAjYgHzccFh0LGBMWIBQ6BkkdDhsUOgV+YBYiER4QBh4wEmERJR8FBDQ3PC4GHiMgFQISNz4DKQIpAx4TAjMGEzcbQW8DFi8gPwATMBMRFRMCMxUUHxwjZwoZFQY4A2AFORkoFzQgAQQSMzc4ARkVRTAOAA42AR4LFDkgAAczGh0HAwFEZxBhHkIBHgsUMz8xNDQaDRMDPTs/FxQSPwUoEzUnEms1FjsGDxMQIwI8Fy88MgEFFSkGPB8RFWcQNwUaDS4AEjczASggNh8EPQEVPQAEBUEWKRYvHgYQCQ0yES4QAz0vdwgCNB12FAUaHw4oPCkBAzJlFwIANwUnYjEDZysUHj8dMwEDNRY/LwsJETAeMgdnPC0UCTM3D3YLECgwIhxxGyQpPydMAg4lY0QeEmdnKT0DFAQ
Frame ID: FDAC18955F472FE6ED2F3C984C7ED68F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3279755401&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913690&bpp=2&bdt=94&idt=105&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&cookie=ID%3D9567595a23e15a44-22a4034ce3ca0048%3AT%3D1633179913%3ART%3D1633179913%3AS%3DALNI_MbrvWlHlqvkQcWgWYKhfCbsaAWtEw&nras=1&correlator=2750108737571&frm=23&ife=1&pv=1&ga_vid=699647040.1633179913&ga_sid=1633179914&ga_hid=631963850&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3489720953&scr_x=0&scr_y=0&eid=31062945%2C31062986&oid=2&pvsid=4210810601138915&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.ad53kuxhpmdk&fsb=1&dtd=112
Frame ID: BC8002DA8992C661A3D91B35F4E81A9E
Requests: 1 HTTP requests in this frame

Frame: https://1337x2.xyz/sub/42/0/
Frame ID: CD967F6BBC8EAB64ACC8DFCE44809430
Requests: 17 HTTP requests in this frame

Frame: https://ipldekho.cyou/a-ads.php
Frame ID: A7E8263B0FF09CC32760C737B0ECF331
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1800606
Frame ID: 4B668366038CF6771FA653B5E0415CDB
Requests: 3 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png
Frame ID: 62AD192360642E4025FB33E06DBF84A3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3B188170A091EA5EEBC52D6F75EA5C4C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 749D28D01237A5EEC01D52633678E1C9
Requests: 2 HTTP requests in this frame

Frame: https://i.wmgtr.com/cic/PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png
Frame ID: E9E0D19997D7B668ACE4DD073D8C3132
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 85BF543A9304DE8415EC24D48999285C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34535366F459ED5780C2B5C124F17179
Requests: 2 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1633179914894242190506
Frame ID: B150C91B7C9205E0BC41B137BBBCDD09
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1633179915089247176196
Frame ID: 26A5FE6536D2B082D3116303401B5695
Requests: 1 HTTP requests in this frame

Frame: https://s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1633179913-q-8jFKX3pbbugGH6XCIq6lwMxoysuJ33yyKi3_VHxEA
Frame ID: 53A9E8B7AB59B9E3B3FC772B02688AD0
Requests: 2 HTTP requests in this frame

Frame: https://s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp?v=1633179914-7lOpaMyjS5E5I_EvvzCFSxKiTKGbt6S59FXjlU9KVeM
Frame ID: E948FBE1A31A784628AC627AD8017ED3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cerpen Mu Cerpen KuCerpen Mu Cerpen Ku

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

95 %
HTTPS

0 %
IPv6

30
Domains

42
Subdomains

32
IPs

5
Countries

1837 kB
Transfer

4531 kB
Size

12
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1092870

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/3973211/i/57426922/2/pp/1/1?h=n2-maPZ__wF9jfgne51Hh-WRQdhNTeTn72SKYrhJgymGvbVisr5qhWcfQOBbVcNJ&rid=62379649-2381-11ec-ace9-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/5097645/i/57426922/2/pp/2/1?h=n2-maPZ__wF9jfgne51Hh0YyYG2uFZnmjteX4AOiTcna8qDROWZQPB2-GNXkzJIz&rid=62379649-2381-11ec-ace9-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/10839579/i/57426922/2/pp/3/1?h=n2-maPZ__wF9jfgne51Hh00iDvA8Tzjvg0jCyfHBKzhQEg9Xpn6tDq1L4gPsZwPS&rid=62379649-2381-11ec-ace9-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/10839628/i/57426922/2/pp/4/1?h=n2-maPZ__wF9jfgne51Hh9QEWCb-WoCUrojVaPtf7GGuw4gcvP46x568f37gWdxw&rid=62379649-2381-11ec-ace9-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1

Search URL Search Domain Scan URL

URL: https://wapmash.xyz/
Title: Wapmash

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg HTTP 302
https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg

Request Chain 24

https://ad.jetx.info/red2.php?rand=hHa8a633527beddab8d54773afed97205c&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 38

https://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg HTTP 302
https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg

Request Chain 61

https://ad.jetx.info/red2.php?rand=hHa8a633527beddab8d54773afed97205c&id=27 HTTP 302
https://1337x2.xyz/submit.php

Request Chain 143

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sT00_X3aDMnTdBgnOD2-rgmH7z2-9AkqJ-FIXzgh5Yqv&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb1461-2381-11ec-82bb-e4434b374cb2&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8zODA1NjY0LzMyOHgzMjgvOTZ4MHg0ODB4NDgwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBZeTh5TURFNUxUQTJMekV3TVRreU5DOHhPRFJqTnpCa1pEUm1ZV1ZrWkdZNU1UVTFZVGRpWkdRM01tRmpOVEU1TXk1cWNHVm4ud2VicD92PTE2MzMxNzk5MTMtcS04akZLWDNwYmJ1Z0dINlhDSXE2bHdNeG95c3VKMzN5eUtpM19WSHhFQQ== HTTP 301
https://s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1633179913-q-8jFKX3pbbugGH6XCIq6lwMxoysuJ33yyKi3_VHxEA

Request Chain 144

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sd7BOHbfZDOfdXhME5shQN_Jssy2j9BKGAT3Jo528Po3&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb17e7-2381-11ec-a757-e4434b374bc6&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMDgzOTYwNS8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgzaDVYMk5sYm5SbGNpeDNYemsyTUN4NFh6WTFPQ3g1WHpRM05TOW9kSFJ3T2k4dmFXMW5hRzl6ZEhNdVkyOXRMM1F2TWpBeU1TMHdOaTh4TURFNU1qUXZaVFExTjJKaFpEUmlPR1ppWWpFeU5HUmlNamd4TnpBMU9UZzRNVFV3Wm1NdWFuQmxady53ZWJwP3Y9MTYzMzE3OTkxMy1DRXM5U2VwWkpPbDdVbmxoYlRKdmdYSW9zdlVmQzlXWVNPS3YtY09tZ2k4 HTTP 301
https://s-img.adskeeper.co.uk/g/10839605/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzY1OCx5XzQ3NS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvZTQ1N2JhZDRiOGZiYjEyNGRiMjgxNzA1OTg4MTUwZmMuanBlZw.webp?v=1633179913-CEs9SepZJOl7UnlhbTJvgXIosvUfC9WYSOKv-cOmgi8

Request Chain 148

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VM7qXwI4QYzPPW0squ9nVASk0BuTummoO3nRJi5qnURjV&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc15b-2381-11ec-9fce-e4434b374c8a&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy80MDIzMTM4LzMyOHgzMjgvMzd4MHg1MzV4NTM1L2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EZ3ZNVEF4T1RJMEwyRm1NemRpTVRJeE0yWXhZVFF5TmprelpXRTFZall5WTJabE5qZzRPVEEzTG1wd1pXYy53ZWJwP3Y9MTYzMzE3OTkxNC03bE9wYU15alM1RTVJX0V2dnpDRlN4S2lUS0didDZTNTlGWGpsVTlLVmVN HTTP 301
https://s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp?v=1633179914-7lOpaMyjS5E5I_EvvzCFSxKiTKGbt6S59FXjlU9KVeM

Request Chain 149

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VMxZMksiJbsy3SqCuXhNGq5L8vpbknaSJIeMfd3EYAaiq&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc614-2381-11ec-a757-e4434b374bc6&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy82Mjg4MTA3LzMyOHgzMjgvMHgxOHg3MDB4NzAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1EWXZNVEF4T1RJMEx6VXdPRFkxWkdabFpqUTFNMk5oTW1Sak5qVmhOR0V6T0RFNU1UVXpOalJqTG1wd1pXYy53ZWJwP3Y9MTYzMzE3OTkxNC1vTmJoTDF1eVlzcFVlektVcHFTTFRTMFJxOXdqNXFCaXlPVm5wZ2ZOSm5Z HTTP 301
https://s-img.adskeeper.co.uk/g/6288107/328x328/0x18x700x700/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzUwODY1ZGZlZjQ1M2NhMmRjNjVhNGEzODE5MTUzNjRjLmpwZWc.webp?v=1633179914-oNbhL1uyYspUezKUpqSLTS0Rq9wj5qBiyOVnpgfNJnY

153 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
irachan.xyz/ 24 KB
8 KB 160ms
140ms Document
text/html 104.21.4.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.4.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1696d53feff9e760ba219050cc0d06599075b91e42cae0b69728e097b52e85

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: irachan.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: irachan_xyz=e229e149867eac4665e3b083015c2cf0; path=/; domain=irachan.xyz
expires: Sat, 02 Oct 2021 13:15:12 GMT
cache-control: public
pragma: no-cache
last-modified: Sat, 02 Oct 2021 13:05:12 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxhp4yy1Ld9tf49ZJo5oqlsDtWaoDnM%2Bmvq8YxuQMiXSPZ40aKKBxwN8rK5%2FEPZmQEuPMQq%2BPtg80ceWdah4SOrDdDuzMpA%2BVG7UZG3UcDlWx37%2B%2F43bRZOmj5iyNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241889d96973-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 50ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e51bda654d58478ec0d9a3f0eac2c68248b7461286fce1478b25a4c788c1c268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50828
x-xss-protection: 0
server: cafe
etag: 13332827968869573103
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 29ms
13ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 1680334
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5be60cad80d1eecc9ac7a67f88ee3f89
cf-ray: 697e2419ac280625-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 31ms
15ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 1680214
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 313ad02a214f6bc0a71a4ade9593c82e
cf-ray: 697e2419ac2a0625-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 78ms
40ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

21bfa4cc49f70c71ddf5568764b850f3dd4ce50cc0895ec49c445251a423b0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49881
x-xss-protection: 0
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 style.css
fastcdn.jdi5.com/css/directory.wapkiz.com/ 9 KB
3 KB 111ms
80ms Stylesheet
text/css 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/directory.wapkiz.com/style.css
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: 9fe93da8b15e318c34a8c64e4559816f8ed977181ff0f6870e29d3e93327236a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 02 Oct 2021 13:05:13 GMT
server: cloudflare
x-powered-by: PHP/7.4.0RC6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puTDGk7jYS2N6BPcSo8uyG62%2FCU6faAfzPy7eG%2F2NrMWrQhwqV6pvVIVdDrsbwiwcam2pgUkjCWv%2B2qKbKRCj7xxQUPEMVQygtcn1bTuZxf6RAQR5s4rX8%2FS8Dbe4rh4PCsn"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697e2419c965411a-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 irachan.xyz.1092870.js Show response
jsc.adskeeper.com/i/r/ 2 KB
1 KB 36ms
16ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.js
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf6a77b925afb31b827686cb358cb4b59375cc008a3e0c58b9d187c367935aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 122
cf-ray: 697e2419fc364ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 744
x-amz-id-2: eNgK9yLNlBSYy/927NPEj7uS6TaA9pfH+e3lQRWaRfL8Ylk+kKIMpMgl9hoR7EAYVgmjqLfI0Dc=
last-modified: Wed, 08 Sep 2021 13:22:17 GMT
server: cloudflare
etag: "1cfa7f0b4c95c38af147f21bdd928a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9H9QH6SGFK1A1ADN
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 Oct 2021 17:05:13 GMT

GET
H2

200

photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/
Redirect Chain

https://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg

12 KB
12 KB

166ms
125ms

Image
image/gif

104.21.234.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Oct 2021 13:05:13 GMT
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyNLn4%2BSqp8Ac1NuVGyez%2F8drvChIgvK1mQsFzzHji%2BisAPo9FG8%2BmGY3nYwZhvqaRn99kGAuTbZ%2BpinNg3ZXWIIgZqN%2BiOMEGEFtpRI8yAjMi1FMLWZuIJbmSpT%2FuSHavxrNyW%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697e241ab83027b4-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 13:05:13 GMT
Server: nginx
location: https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
d18t35yyry2k49.cloudfront.net/ 158 KB
48 KB 189ms
159ms Script
text/plain 13.224.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-224.fra2.r.cloudfront.net
Software: /
Resource Hash: 068a2937e1e5cd737281af4eb119dfae9da9f7bbdb5a731dbe5a1e39b9b120cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 48645
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-id: KuGF-lJobm-1nKAeA_m4xClXsfhIwGmZMskhzUXVMzyKr7aPjvZKJg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 86 KB
31 KB 52ms
14ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30768
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 17ms
16ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3411032
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0838fea08fb3e365d8cd8f1eca354a8e
cf-ray: 697e2419dc790625-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 online.js Show response
counter.jdi5.com/ 3 KB
2 KB 19ms
18ms Script
application/javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14023966
cf-polished: origSize=4463
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
server: cloudflare
etag: W/"6054d814-116f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dt1ziiXUrLMVU6H5q99B0mwdxlMTtNH0DMmZ5gZyW1t8WCvISX5tinN71B8jhv74uezN4rW1odgkKlqDdPulM9dEt70PdU9NR1dQKcfGH7j4z%2Byz931MwkCJ9RNjE9oSWnjM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 697e2419d96c411a-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/ 257 KB
95 KB 78ms
64ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5ce3f6ea71ea0f7eb1247e5555023217bb60373c178676b4bf86c89c24c8827c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97113
x-xss-protection: 0
server: cafe
etag: 1513850015010547206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 9F08 10 KB
5 KB 52ms
15ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210928/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 01 Oct 2021 23:06:38 GMT
expires: Fri, 15 Oct 2021 23:06:38 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 50315
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 irachan.xyz.1092870.es6.js Show response
jsc.adskeeper.com/i/r/ 226 KB
65 KB 33ms
22ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7035414234982fdadd5d472ac9ad322a29f40a0356e1aa8f03a0f9beaabd770c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 122
cf-ray: 697e241a386ec2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66133
x-amz-id-2: 3pHiUvZoTM0QP6JBVYD7qZyjs6eOl1Z0DXcN8Y2nKSQASiD7XxaIc20XlHRJUCWgIvCJ1xnxpBE=
last-modified: Wed, 08 Sep 2021 13:22:17 GMT
server: cloudflare
etag: "624ed0669f8c16ea42162382ca0ab804"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ENMFGVSSDDG5D85W
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 Oct 2021 17:05:13 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 28ms
18ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617
age: 131019
cdn-cachedat: 2021-07-24 16:51:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66624
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f008d9f3b06ee41f23fac2dc2a337e8a
accept-ranges: bytes
cf-ray: 697e241a582b68e9-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
www.google-analytics.com/g/ 0
365 B 35ms
13ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZKQGJML8NR&gtm=2oe9r0&_p=1385960328&sr=1600x1200&ul=en-us&cid=699647040.1633179913&_s=1&dl=https%3A%2F%2Firachan.xyz%2F&dt=Cerpen%20Mu%20Cerpen%20Ku&sid=1633179913&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 35ms
21ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

508de954b77d79546376af7ebc0bc9544a3a5b3015a0e347deaf5e317a5ee782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38907
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
659 B 39ms
16ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=irachan.xyz&callback=_gfp_s_&client=ca-pub-8649784530043118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

696e0bcf46c01763d5293c509cd4aad25da6112667bb15864aea23859f84b00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 46ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=irachan.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2018 603 B
68 B 40ms
26ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3025194257&lmt=1633179912&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913291&bpp=5&bdt=99&idt=123&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2750108737571&frm=20&pv=2&ga_vid=699647040.1633179913&ga_sid=1633179913&ga_hid=1385960328&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=2524957996954334&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=137

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3025194257&lmt=1633179912&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913291&bpp=5&bdt=99&idt=123&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2750108737571&frm=20&pv=2&ga_vid=699647040.1633179913&ga_sid=1633179913&ga_hid=1385960328&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062986&oid=2&pvsid=2524957996954334&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=137
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 13:05:13 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 13:20:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 13:05:13 GMT
cache-control: private

GET
H2 204 utx Show response
unfudgetljbf.xyz/ 0
412 B 125ms
98ms XHR
text/plain 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/utx?cb=ZDjrcORo7tvh&top=irachan.xyz&tid=914738
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://irachan.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 5blCHdqILENMzE8SDkqtUtuttswp9qdEtoBScMBOqSgIGQIJNN-I9w==

GET
H2 200 OgkBcGc6IiV8YQd4BVJmUR0pVm86CQVjVRB+DXlbWG9xd38fBDt3XzoNF3JmOhMGe3whe3MNcR96KWcEDAgWX0cpLnNzZDIbEQ1mWC4tUVkMCBZceQwaBmNgCxsgZGEECChhcDoCEAZyLxMrGH47AAVSBCoLIAdvEjkLZwUyMxkFdT4vJFFcPiYBXn8sISFzXQQTJ... Show response
unfudgetljbf.xyz/N2hKQzVWCikuClZVKGVARQR3ZgdxTXgFUQZQPnAAThE4OgdcXHNtVlsHPydTRQckNxtZDT5mB3EHBAV/TTEmEW1nOnoGVAcpfQUEDhwIFG9yPR00ZngpCw16XDo8BU9QMRgUZFouDhVfchAiIlZcKSUFBA4DDykBZCwODn9TKhMOe0AEIBVk... Frame 4B63 3 KB
2 KB 109ms
98ms Document
text/html 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/N2hKQzVWCikuClZVKGVARQR3ZgdxTXgFUQZQPnAAThE4OgdcXHNtVlsHPydTRQckNxtZDT5mB3EHBAV/TTEmEW1nOnoGVAcpfQUEDhwIFG9yPR00ZngpCw16XDo8BU9QMRgUZFouDhVfchAiIlZcKSUFBA4DDykBZCwODn9TKhMOe0AEIBVkeh8cLgx/OgkBcGc6IiV8YQd4BVJmUR0pVm86CQVjVRB+DXlbWG9xd38fBDt3XzoNF3JmOhMGe3whe3MNcR96KWcEDAgWX0cpLnNzZDIbEQ1mWC4tUVkMCBZceQwaBmNgCxsgZGEECChhcDoCEAZyLxMrGH47AAVSBCoLIAdvEjkLZwUyMxkFdT4vJFFcPiYBXn8sISFzXQQTJwVyACkSb14gPTAQBS4fG1F1PSANZ3o6LQ1TZS4tEkJyUBgpBVIqeQZycS06EVBQOnIRBFMCC3BNcT0SBnJuDwsHeFs9LQReUwUpLlF2PhIsfW0uHxtUZk4gMFpZGHcnb3sZfBZDVj8LKA0
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ebd9f202011f8a926c9544a4ba1f5488e1c12f336d8595ae6595daf4b326fecc

Request headers

:method: GET
:authority: unfudgetljbf.xyz
:scheme: https
:path: /N2hKQzVWCikuClZVKGVARQR3ZgdxTXgFUQZQPnAAThE4OgdcXHNtVlsHPydTRQckNxtZDT5mB3EHBAV/TTEmEW1nOnoGVAcpfQUEDhwIFG9yPR00ZngpCw16XDo8BU9QMRgUZFouDhVfchAiIlZcKSUFBA4DDykBZCwODn9TKhMOe0AEIBVkeh8cLgx/OgkBcGc6IiV8YQd4BVJmUR0pVm86CQVjVRB+DXlbWG9xd38fBDt3XzoNF3JmOhMGe3whe3MNcR96KWcEDAgWX0cpLnNzZDIbEQ1mWC4tUVkMCBZceQwaBmNgCxsgZGEECChhcDoCEAZyLxMrGH47AAVSBCoLIAdvEjkLZwUyMxkFdT4vJFFcPiYBXn8sISFzXQQTJwVyACkSb14gPTAQBS4fG1F1PSANZ3o6LQ1TZS4tEkJyUBgpBVIqeQZycS06EVBQOnIRBFMCC3BNcT0SBnJuDwsHeFs9LQReUwUpLlF2PhIsfW0uHxtUZk4gMFpZGHcnb3sZfBZDVj8LKA0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

content-type: text/html
content-length: 1230
date: Sat, 02 Oct 2021 13:05:13 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Q6OstyhokaPyo8WUcENsKW17Th8CHmMg8MnHfdVD1-IjSYLumjbKHw==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 35ms
14ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 793
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET
H3 200 fc.php Show response
counter.jdi5.com/ 47 B
573 B 642ms
616ms Script
application/x-javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=b2f5104ea8bf7177e1a360f69f232563&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=&pn=https%3A%2F%2Firachan.xyz%2F&wh=1600x1200&rand=95
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9c0760faa5abb9a0ad5e0ba78e3e7b7e2299748efab991011475d27beab3bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD7CmKo%2FNSRUSB57%2Bf7Wi8GX9PFu%2FAMKq9pubaZ2LRDcv7gcgOywdJJYKa1lv3vnKf0WgBkg1jAEKMZCw3sq5WrO48GcfxCkeFE2X0LwYYAxEvW0DTi7Kw4XPmNgy%2F%2BVUoh5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 697e241b7be84138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47

GET
H2

200

submit.php Show response
1337x2.xyz/ Frame CCB8
Redirect Chain

https://ad.jetx.info/red2.php?rand=hHa8a633527beddab8d54773afed97205c&id=27
https://1337x2.xyz/submit.php

345 B
739 B

104ms
68ms

Document
text/html

104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

:method: GET
:authority: 1337x2.xyz
:scheme: https
:path: /submit.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btvQdGWHBixv3qO%2BMWd2hOBtrM%2FSHHr1CKzzwyUCKVwSKJ66PmwBhRoxFjdT2wHTQLcuvbizoJM%2FCLYK8okqmd14v9OsTJ%2F6wixcpsTaWgakeTRuqL%2BNG%2BEud2xs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241be8d427b4-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=4ru7gsfir8eode6s68mumdpv6r; path=/
location: https://1337x2.xyz/submit.php
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAFIbYj3XO9hHtYujNnYSIoHAQ8WMOwZ%2B9po6GtMa%2Ft4V7k3Hpwe7%2BTYf1qO5%2F9MT19vIkQTcFYcfA8HvP971PmyNHU4%2BaqmXyQbRv%2Bj4ppQHCtQPxfpF0vfDnGfbfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241b6fcbc2d1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 / Show response
irachan.xyz/ Frame 7231 24 KB
8 KB 101ms
89ms Document
text/html 104.21.4.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://irachan.xyz/

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a1696d53feff9e760ba219050cc0d06599075b91e42cae0b69728e097b52e85

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: irachan.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
cookie: irachan_xyz=e229e149867eac4665e3b083015c2cf0; _ga_ZKQGJML8NR=GS1.1.1633179913.1.0.1633179913.0; _ga=GA1.1.699647040.1633179913
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 02 Oct 2021 13:15:12 GMT
cache-control: public
pragma: no-cache
last-modified: Sat, 02 Oct 2021 13:05:12 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLyiw1xBMNK9%2BQ5zgqyBr%2BJYROC5xc6sf2udOeNLTNrbh5RrcPJzKFKf0OjSASQ2zsPCYWm6okephJixswO8GZ%2BStbqADlJtyeSqwxfUVyy43vigRPsO9Ui%2BtxdbTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241b6ef74e1a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
21ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

77c542063b51ba9af3ac699ea8d9a52399756ba9c2e8a1a87dea4f5443962025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38907
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 / Show response
freychang.fun/ 16 B
719 B 155ms
118ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14c06c072070cdd81bc629fcc0e61bc442ed21c9bad8bbfda063ea7688a1d443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4WcNQcRkM2meFsdc%2BvFUFu29WMxi0Uz0oYCVgA0DPDT0iYvWN1hCjrBoDZtnIQg23PkeLynX%2BoyDNFYhT5P4f62ouxaUjbsGENZ7IQf5mMmXECDdxrcCKKbKuSeh8A1"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 697e241c6be54132-PRG
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 20ms
20ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1385960328&t=pageview&_s=1&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAAC~&jid=1467403353&gjid=1533830858&cid=699647040.1633179913&tid=UA-46789381-10&_gid=1799128876.1633179914&_r=1&_slc=1&z=298286077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
20ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1385960328&t=pageview&_s=1&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1574108505&gjid=101063688&cid=699647040.1633179913&tid=UA-46789381-15&_gid=1799128876.1633179914&_r=1&gtm=2ou9r0&z=1407439877

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1385960328&t=event&_s=2&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=irachan.xyz&ea=irachan.xyz&el=irachan.xyz&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=699647040.1633179913&tid=UA-46789381-15&_gid=1799128876.1633179914&gtm=2ou9r0&cg1=irachan.xyz&z=1997285481

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53653
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UXdBUjNRMRgNfRFgQwE8Rj0eB3EGFEpRegR8R1djA3xFUXEGYgADMlUgGkdmcmdAVXoHZFUXaQ Show response
d18t35yyry2k49.cloudfront.net/oNFJzYlRXPR0Ea0A7F19tBWZEUWwSOAANOkRvFzgYRWQmFDVjExhackAoF19kEj4SDDMJdBYMNwljVQMwVm9HRCBEPRhfIVo2FgQ9WjcXRCFVbx4NLl0+HwNxBhRGTGQRYENKI108Fw0jR3dBUjpAd0FSZQR8Q0dndndBUi... Frame 4B63 444 B
649 B 153ms
152ms Script
text/plain 13.224.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18t35yyry2k49.cloudfront.net/oNFJzYlRXPR0Ea0A7F19tBWZEUWwSOAANOkRvFzgYRWQmFDVjExhackAoF19kEj4SDDMJdBYMNwljVQMwVm9HRCBEPRhfIVo2FgQ9WjcXRCFVbx4NLl0+HwNxBhRGTGQRYENKI108Fw0jR3dBUjpAd0FSZQR8Q0dndndBUiNdPEVWcQcQVlBkTGRHS3EGYh-ISJFg3BAc2XzsHR2ZyZ0BVegdkVlBkHDkbFjlYd0EhcQZiHws/UXdBUjNRMRgNfRFgQwE8Rj0eB3EGFEpRegR8R1djA3xFUXEGYgADMlUgGkdmcmdAVXoHZFUXaQ
Requested by: Host: unfudgetljbf.xyz
URL: https://unfudgetljbf.xyz/N2hKQzVWCikuClZVKGVARQR3ZgdxTXgFUQZQPnAAThE4OgdcXHNtVlsHPydTRQckNxtZDT5mB3EHBAV/TTEmEW1nOnoGVAcpfQUEDhwIFG9yPR00ZngpCw16XDo8BU9QMRgUZFouDhVfchAiIlZcKSUFBA4DDykBZCwODn9TKhMOe0AEIBVkeh8cLgx/OgkBcGc6IiV8YQd4BVJmUR0pVm86CQVjVRB+DXlbWG9xd38fBDt3XzoNF3JmOhMGe3whe3MNcR96KWcEDAgWX0cpLnNzZDIbEQ1mWC4tUVkMCBZceQwaBmNgCxsgZGEECChhcDoCEAZyLxMrGH47AAVSBCoLIAdvEjkLZwUyMxkFdT4vJFFcPiYBXn8sISFzXQQTJwVyACkSb14gPTAQBS4fG1F1PSANZ3o6LQ1TZS4tEkJyUBgpBVIqeQZycS06EVBQOnIRBFMCC3BNcT0SBnJuDwsHeFs9LQReUwUpLlF2PhIsfW0uHxtUZk4gMFpZGHcnb3sZfBZDVj8LKA0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-224.fra2.r.cloudfront.net
Software: /
Resource Hash: e4d214365a0d7dfceab60b926fad32ebbe63f0e05187d70cb50028b2ded0792e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unfudgetljbf.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
content-length: 350
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-id: 8rS0JiooAhmgXzbBGSJ-ZoqQy-xT-Ge-4sz14C6wN0t0dttBZq3Kbg==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7231 143 KB
50 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e51bda654d58478ec0d9a3f0eac2c68248b7461286fce1478b25a4c788c1c268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50828
x-xss-protection: 0
server: cafe
etag: 13332827968869573103
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame 7231 27 KB
7 KB 19ms
18ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 617, 617
age: 1680334
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5be60cad80d1eecc9ac7a67f88ee3f89
cf-ray: 697e241c4b54d711-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 7231 152 KB
24 KB 22ms
21ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 1680214
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 313ad02a214f6bc0a71a4ade9593c82e
cf-ray: 697e241c4b55d711-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7231 125 KB
49 KB 34ms
33ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

390b575278cb016b7baf6d244c5edd72b6b8b342e73bef767a13c5eb8172c277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49879
x-xss-protection: 0
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H3 200 style.css
fastcdn.jdi5.com/css/directory.wapkiz.com/ Frame 7231 8 KB
3 KB 20ms
19ms Stylesheet
text/css 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastcdn.jdi5.com/css/directory.wapkiz.com/style.css
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.0RC6
Resource Hash: 081e6c3577e482f568b569bb09608c6616bb8988b13e878132bf6df52effa894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-powered-by: PHP/7.4.0RC6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 02 Oct 2021 13:05:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPv7EGmuY4wMNvrcIr2OvNI1c%2FKYZU3Hj64wynE9J4%2FiTTwA4DJua65ggehQf6lY1jlGxdh0y1GwAcyNnxVg6Wd1Vd7VZkYEGqPmiA2E6FhpBekA6IYPpg9uwQX2s4cUPKYg"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-polished: origSize=8741
cf-ray: 697e241c4c454138-PRG
cf-bgj: minify

GET
H3 200 irachan.xyz.1092870.js Show response
jsc.adskeeper.com/i/r/ Frame 7231 2 KB
1 KB 16ms
16ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.js
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf6a77b925afb31b827686cb358cb4b59375cc008a3e0c58b9d187c367935aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 122
cf-ray: 697e241c8b9fc2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 744
x-amz-id-2: eNgK9yLNlBSYy/927NPEj7uS6TaA9pfH+e3lQRWaRfL8Ylk+kKIMpMgl9hoR7EAYVgmjqLfI0Dc=
last-modified: Wed, 08 Sep 2021 13:22:17 GMT
server: cloudflare
etag: "1cfa7f0b4c95c38af147f21bdd928a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 9H9QH6SGFK1A1ADN
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 Oct 2021 17:05:13 GMT

GET
H3

200

photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/ Frame 7231
Redirect Chain

https://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg

12 KB
12 KB

42ms
21ms

Image
image/gif

104.21.234.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Oct 2021 13:05:13 GMT
server: cloudflare
age: 0
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu726mY981R4%2BoxXo1NclP6ImtDmLEeOIek%2Fimrp9DqJh9x4RvQlhHMwPVjEVbE%2Bvx5NIaJMt8Kgh5mdGs6%2BC4jLfZ2YxKRY5BGaHdf7Zs4KA9qVfrBIDlZEyMHkmrm12Y3xfKdV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697e241d08c0f9da-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 13:05:13 GMT
Server: nginx
location: https://dl6.wapkizfile.info/download/4c5b9d223ca30a01d8e4fc1d2acb33b7/51bbbc9982ad1e01f48a79247a035239/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
d18t35yyry2k49.cloudfront.net/ Frame 7231 158 KB
48 KB 13ms
12ms Script
text/plain 13.224.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-224.fra2.r.cloudfront.net
Software: /
Resource Hash: 068a2937e1e5cd737281af4eb119dfae9da9f7bbdb5a731dbe5a1e39b9b120cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA2-C1
content-length: 48645
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-id: hZZXaKRLL7IInoYcw4RP_SArp2Ixjb1v5WNBXldJwKikwh9isXZ2ew==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ Frame 7231 86 KB
30 KB 36ms
14ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30768
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 7231 57 KB
16 KB 15ms
15ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3411032
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0838fea08fb3e365d8cd8f1eca354a8e
cf-ray: 697e241c8bc9d711-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 online.js Show response
counter.jdi5.com/ Frame 7231 3 KB
2 KB 21ms
20ms Script
application/javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/online.js
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14023966
cf-polished: origSize=4463
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Mar 2021 16:57:56 GMT
server: cloudflare
etag: W/"6054d814-116f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fxfzlB%2BnGenoYGxnkqhj22IZUfUL9XOhgmwUnRr2IAHEWBbEIO4bBv292%2Fa%2B81QQl2TC%2B%2FfdB9h6b0lQHfJGjXUlawrejOryzr%2BSMtDBQxsvEUnhifEJR4nmX9haJI8E1ky"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 697e241c8c714138-PRG
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
458 B 45ms
14ms XHR
text/plain 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-46789381-10&cid=699647040.1633179913&jid=1467403353&gjid=1533830858&_gid=1799128876.1633179914&_u=IADAAEAAAAAAAC~&z=786907462

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 45ms
15ms XHR
text/plain 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-46789381-15&cid=699647040.1633179913&jid=1574108505&gjid=101063688&_gid=1799128876.1633179914&_u=YADAAUABAAAAAC~&z=1761682789

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
1337x2.xyz/ Frame CCB8 452 B
923 B 72ms
48ms Document
text/html 104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: cceeaf46f4b2d1c5bc73eb5f03ab864be51ac65b52986204cd34ed8af862dac3

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /
content-length: 24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/submit.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=sam; expires=Mon, 01-Nov-2021 13:05:13 GMT; Max-Age=2592000; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbKS%2BpFLzIh3VoJ5obSjWa8FxGOIuLJ93y3FhSuSLZCOSAcyHcD3kLytxI4T8fh0BJVjrw%2FaV%2BI7ggdmKDvkoz81wWFiNsrk84%2Bokz9YrjDEc%2Fe%2Bhxy49u67%2FGtl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241c997027bc-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/ Frame 7231 257 KB
95 KB 32ms
31ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5ce3f6ea71ea0f7eb1247e5555023217bb60373c178676b4bf86c89c24c8827c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97113
x-xss-protection: 0
server: cafe
etag: 1513850015010547206
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 204 utx Show response
unfudgetljbf.xyz/ Frame 7231 0
412 B 98ms
98ms XHR
text/plain 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/utx?cb=STmlIe6ysfAR&top=irachan.xyz&tid=914738
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://irachan.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: H7tEBbPsvlrtjha4QyIhAS6vMqg9GJ0HJKh4prmZsjJENwVkQDlj_Q==

GET
H2 200 LwsJETAeMgdnPC0UCTM3D3YLECgwIhxxGyQpPydMAg4lY0QeEmdnKT0DFAQ Show response
unfudgetljbf.xyz/cVdGUVcQNSU8aBBqJHciAzt7dGU3cnQXM0BvMmJiCC40KGUaY39/NB04MzUxAzgoJXkfMjJ0ZTc6JT8RQDQDAAU5PzUGMgYOHxQCQG4XYQEyBnUpAjYgHzccFh0LGBMWIBQ6BkkdDhsUOgV+YBYiER4QBh4wEmERJR8FBDQ3PC4GHiMgFQIS... Frame FDAC 3 KB
2 KB 101ms
101ms Document
text/html 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/cVdGUVcQNSU8aBBqJHciAzt7dGU3cnQXM0BvMmJiCC40KGUaY39/NB04MzUxAzgoJXkfMjJ0ZTc6JT8RQDQDAAU5PzUGMgYOHxQCQG4XYQEyBnUpAjYgHzccFh0LGBMWIBQ6BkkdDhsUOgV+YBYiER4QBh4wEmERJR8FBDQ3PC4GHiMgFQISNz4DKQIpAx4TAjMGEzcbQW8DFi8gPwATMBMRFRMCMxUUHxwjZwoZFQY4A2AFORkoFzQgAQQSMzc4ARkVRTAOAA42AR4LFDkgAAczGh0HAwFEZxBhHkIBHgsUMz8xNDQaDRMDPTs/FxQSPwUoEzUnEms1FjsGDxMQIwI8Fy88MgEFFSkGPB8RFWcQNwUaDS4AEjczASggNh8EPQEVPQAEBUEWKRYvHgYQCQ0yES4QAz0vdwgCNB12FAUaHw4oPCkBAzJlFwIANwUnYjEDZysUHj8dMwEDNRY/LwsJETAeMgdnPC0UCTM3D3YLECgwIhxxGyQpPydMAg4lY0QeEmdnKT0DFAQ
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: ced25c7361eb959608d58b7d56e6ee09f8e080960f08c23c536a8876a6e5d32e

Request headers

:method: GET
:authority: unfudgetljbf.xyz
:scheme: https
:path: /cVdGUVcQNSU8aBBqJHciAzt7dGU3cnQXM0BvMmJiCC40KGUaY39/NB04MzUxAzgoJXkfMjJ0ZTc6JT8RQDQDAAU5PzUGMgYOHxQCQG4XYQEyBnUpAjYgHzccFh0LGBMWIBQ6BkkdDhsUOgV+YBYiER4QBh4wEmERJR8FBDQ3PC4GHiMgFQISNz4DKQIpAx4TAjMGEzcbQW8DFi8gPwATMBMRFRMCMxUUHxwjZwoZFQY4A2AFORkoFzQgAQQSMzc4ARkVRTAOAA42AR4LFDkgAAczGh0HAwFEZxBhHkIBHgsUMz8xNDQaDRMDPTs/FxQSPwUoEzUnEms1FjsGDxMQIwI8Fy88MgEFFSkGPB8RFWcQNwUaDS4AEjczASggNh8EPQEVPQAEBUEWKRYvHgYQCQ0yES4QAz0vdwgCNB12FAUaHw4oPCkBAzJlFwIANwUnYjEDZysUHj8dMwEDNRY/LwsJETAeMgdnPC0UCTM3D3YLECgwIhxxGyQpPydMAg4lY0QeEmdnKT0DFAQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

content-type: text/html
content-length: 1234
date: Sat, 02 Oct 2021 13:05:13 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ybWoTevZ3ogU4MJ1MqWG5vQ-fHfE2WGlAzX_9xu__QiIy7pDomKGdQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 40ms
17ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-46789381-10&cid=699647040.1633179913&jid=1467403353&_u=IADAAEAAAAAAAC~&z=1609410388

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 43ms
21ms Image
image/gif 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-46789381-15&cid=699647040.1633179913&jid=1574108505&_u=YADAAUABAAAAAC~&z=699627917

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 irachan.xyz.1092870.es6.js Show response
jsc.adskeeper.com/i/r/ Frame 7231 226 KB
65 KB 16ms
16ms Script
text/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7035414234982fdadd5d472ac9ad322a29f40a0356e1aa8f03a0f9beaabd770c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 122
cf-ray: 697e241cbbe1c2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66133
x-amz-id-2: 3pHiUvZoTM0QP6JBVYD7qZyjs6eOl1Z0DXcN8Y2nKSQASiD7XxaIc20XlHRJUCWgIvCJ1xnxpBE=
last-modified: Wed, 08 Sep 2021 13:22:17 GMT
server: cloudflare
etag: "624ed0669f8c16ea42162382ca0ab804"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: ENMFGVSSDDG5D85W
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 02 Oct 2021 17:05:13 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7231 48 KB
19 KB 14ms
13ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 793
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET
H3 200 fc.php Show response
counter.jdi5.com/ Frame 7231 47 B
569 B 509ms
509ms Script
application/x-javascript 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.jdi5.com/fc.php?id=b2f5104ea8bf7177e1a360f69f232563&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&ref=https%3A%2F%2Firachan.xyz%2F&pn=https%3A%2F%2Firachan.xyz%2F%23&wh=1600x1200&rand=5
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9c0760faa5abb9a0ad5e0ba78e3e7b7e2299748efab991011475d27beab3bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUVTeyn%2FGLJN0UX6sa6Sy2sfa%2B%2BWrl8B5wuApovUMtl27TUkVMegpUJSROTMM0icdcr8MHEKUcoZ6tBh3WjnndWsI68p8msRU7xCkD2el2QbaQQJROD%2FFZp6z1JpboYhOH1O"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cf-ray: 697e241cec9e4138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47

GET
H2 200 / Show response
freychang.fun/ Frame 7231 16 B
320 B 115ms
115ms Fetch
text/plain 104.21.45.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=b0174682fa63789a3402a7f7bc361b31
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a870d464b030428277550a379c34c1414b360884a053328d25ae5ce88498d696

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB2tHPz%2BPefIPsy6aZw5IfvqGwGEJz5jcs8%2FgBGYFn24qM3drbL5FloDxsiKn2UNoyyfUdISofDj0T3659R3Pq%2B%2FXxEB6xwaaA%2F4ItZPS92indtzTcltAxH2Xhwl0YTU"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 697e241d1c894132-PRG
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7231 12 B
53 B 34ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=irachan.xyz&callback=_gfp_s_&client=ca-pub-8649784530043118&cookie=ID%3D9567595a23e15a44-22a4034ce3ca0048%3AT%3D1633179913%3ART%3D1633179913%3AS%3DALNI_MbrvWlHlqvkQcWgWYKhfCbsaAWtEw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7231 0
20 B 16ms
16ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Firachan.xyz%2F&tn=DIV&cls=hHa8a633527beddab8d54773afed97205c1&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7231 107 B
122 B 32ms
16ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=irachan.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC80 603 B
69 B 29ms
28ms Document
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3279755401&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913690&bpp=2&bdt=94&idt=105&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&cookie=ID%3D9567595a23e15a44-22a4034ce3ca0048%3AT%3D1633179913%3ART%3D1633179913%3AS%3DALNI_MbrvWlHlqvkQcWgWYKhfCbsaAWtEw&nras=1&correlator=2750108737571&frm=23&ife=1&pv=1&ga_vid=699647040.1633179913&ga_sid=1633179914&ga_hid=631963850&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3489720953&scr_x=0&scr_y=0&eid=31062945%2C31062986&oid=2&pvsid=4210810601138915&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.ad53kuxhpmdk&fsb=1&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8649784530043118&output=html&adk=1812271804&adf=3279755401&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Firachan.xyz%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633179913690&bpp=2&bdt=94&idt=105&shv=r20210928&mjsv=m202109280101&ptt=9&saldr=aa&cookie=ID%3D9567595a23e15a44-22a4034ce3ca0048%3AT%3D1633179913%3ART%3D1633179913%3AS%3DALNI_MbrvWlHlqvkQcWgWYKhfCbsaAWtEw&nras=1&correlator=2750108737571&frm=23&ife=1&pv=1&ga_vid=699647040.1633179913&ga_sid=1633179914&ga_hid=631963850&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3489720953&scr_x=0&scr_y=0&eid=31062945%2C31062986&oid=2&pvsid=4210810601138915&pem=661&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.ad53kuxhpmdk&fsb=1&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 13:05:13 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUnrzGDQRWn4lk0E4c3wYrED09e7_byNtxb5HT5gsWVh03twNvC0rsLSRYORHkM; expires=Mon, 02-Oct-2023 13:05:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 13:05:13 GMT
cache-control: private

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7231 96 KB
38 KB 21ms
20ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6892b23d97c197227dac51fb0f2c64584108a7dd73c4e9ff04278df22426f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38905
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 7231 2 B
22 B 20ms
20ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=631963850&t=pageview&_s=1&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=699647040.1633179913&tid=UA-46789381-10&_gid=1799128876.1633179914&_slc=1&z=1216694385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

submit.php Show response
1337x2.xyz/ Frame CD96
Redirect Chain

https://ad.jetx.info/red2.php?rand=hHa8a633527beddab8d54773afed97205c&id=27
https://1337x2.xyz/submit.php

345 B
700 B

43ms
43ms

Document
text/html

104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/submit.php
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef

Request headers

:method: GET
:authority: 1337x2.xyz
:scheme: https
:path: /submit.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f08WFeKGkaSOQhfYBDhRFKiQ0kpTG3kgKec92NFreNP7KM6uoKcyaexhXSsATVZwo%2BCJmUdzUfxsRdTjvLkohgdZqd0CUQ3d8Toidri%2Fbl80wDrJGLgcV0Xu4nYI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241dfa9327bc-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=1nu57em9cn6c51ien65scibtfa; path=/
location: https://1337x2.xyz/submit.php
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxkio5yUFswlraxEZNwX83iz5LHK4CVgWoQ5xFRVCDa9z3OuN6RrctI4NDFWOQ3hIzIgzO0AZUBpS0S8wD8iM19JKXg2uNS0ATIB11xNz1BLyubdbap1nMMjc9yx9RA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241d9b230eab-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7231 96 KB
38 KB 20ms
19ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-15&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1ee8ef7e6b19406ef06a1245b4851d4b6465cbe38d30182bc2f03b1711e7f603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38905
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:13 GMT

POST
H3 200 / Show response
1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/ Frame CCB8 3 KB
2 KB 49ms
48ms Document
text/html 104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 4981f50cde36b6f5acdc4756695c4cf63661951c033b149deb88cf876eb3957d

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
content-length: 30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D0G%2BfpNO6sbEzhSWGGhK9g2rMb9YPGJqwJZ11lEd0sabAz3UmEOK8ElAvAa3V8aJw8V1hVylZlOqMfru2UJgHGJ8wM10ugxsg4UiwoDR5QPoP6wvSfhcZLpX5LU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241d8a4a27bc-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 d0AYVWEqAEVYd38ERAt6aVJTCCVkRRARLj1JD1RzbkcOQzJkRQVTfmxEAFx3bUEAVHJqTBADNGRFEBF6b0QGQypkRhALNGRFEAsjKUkHQyYqHQtUYSsRUFgvLQBGFmJqNRNXAXxGcAw1OBdeBCl3DE8fYmsyE1d0fxtFF3owBlcGLzgaGB0+I1JcFjNkTBAAKStJB... Show response
unfudgetljbf.xyz/NmVHWXQZAys2FUIANWYXRVgWai5ZBHUPDWckLBIiWBEFGiJ4PQ0MEFM9EQ8OEAQlLUkHQzU8EAtUYSoZC110fx8LBiIrBFMLYS9JBkt/ Frame 7231 6 KB
4 KB 587ms
587ms XHR
text/plain 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/NmVHWXQZAys2FUIANWYXRVgWai5ZBHUPDWckLBIiWBEFGiJ4PQ0MEFM9EQ8OEAQlLUkHQzU8EAtUYSoZC110fx8LBiIrBFMLYS9JBkt/d0AYVWEqAEVYd38ERAt6aVJTCCVkRRARLj1JD1RzbkcOQzJkRQVTfmxEAFx3bUEAVHJqTBADNGRFEBF6b0QGQypkRhALNGRFEAsjKUkHQyYqHQtUYSsRUFgvLQBGFmJqNRNXAXxGcAw1OBdeBCl3DE8fYmsyE1d0fxtFF3owBlcGLzgaGB0+I1JcFjNkTBAAKStJBkMrOgFXWCo2Dl8JKzhRBCNyd0QTV3dxA18LIzYDRUB1aRpCQHVpRQZLd3xHdEB1aQNfC3FtUQUnYmtETlNzcFEEVSYpBFoAMDwWXQwzfEZwUHRuWgVTYmtEHg4vLRlaQHUaUQRVKzAfU0B1aRNTBiw2XRNXdzocRAoqPFEEI35qWgZLc2xDAUtxalEEVTQ4ElcXLnxGcFB0bloFU2EtDlJYd38BWgokZFJfA3ppUlcEei0QB1UYNh0HOg&crc=1
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 662182153a6df35277a679198acc21e29e810a4ae43b1e2394d543bae33c3d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://irachan.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 3613
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-id: j4m7bH1F7DfuXV1BFS-ihqsoYfcKHAUL3t90Z-6qHOU0py_pZIr5AQ==

GET
H2 200 mcnF1cEQRHhsWewYYEU19Q0VCQ3xUGwYfKgJMIDgwRkQ8JHJCKR81ASFXAQogT0FTHCUcFkhWIRwSSEFiExUXTXBUBQUfL08EGxQhFBgbFSBUBBRNKR0LHBwoE1RHNnFcQVBCdFoGHB4gHQYGVXZCHwFVdkJARV50V0I3VXZCBhweckZURjJhQEENRnBbVE-dAJQI... Show response
d18t35yyry2k49.cloudfront.net/ Frame FDAC 446 B
649 B 153ms
152ms Script
text/plain 13.224.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d18t35yyry2k49.cloudfront.net/mcnF1cEQRHhsWewYYEU19Q0VCQ3xUGwYfKgJMIDgwRkQ8JHJCKR81ASFXAQogT0FTHCUcFkhWIRwSSEFiExUXTXBUBQUfL08EGxQhFBgbFSBUBBRNKR0LHBwoE1RHNnFcQVBCdFoGHB4gHQYGVXZCHwFVdkJARV50V0I3VXZCBhweckZURjJhQEENRnBbVE-dAJQIBGRUzFxMeGTBXQzNFd0VfRkZhQEFdGywGHBlVdjFUR0AoGxoQVXZCFhATLx1YUEJ0ERkHHykXVEc2fUFfRV5wR0ZCXnJBVEdANxMXFAItV0MzRXdFX0ZGYgdM
Requested by: Host: unfudgetljbf.xyz
URL: https://unfudgetljbf.xyz/cVdGUVcQNSU8aBBqJHciAzt7dGU3cnQXM0BvMmJiCC40KGUaY39/NB04MzUxAzgoJXkfMjJ0ZTc6JT8RQDQDAAU5PzUGMgYOHxQCQG4XYQEyBnUpAjYgHzccFh0LGBMWIBQ6BkkdDhsUOgV+YBYiER4QBh4wEmERJR8FBDQ3PC4GHiMgFQISNz4DKQIpAx4TAjMGEzcbQW8DFi8gPwATMBMRFRMCMxUUHxwjZwoZFQY4A2AFORkoFzQgAQQSMzc4ARkVRTAOAA42AR4LFDkgAAczGh0HAwFEZxBhHkIBHgsUMz8xNDQaDRMDPTs/FxQSPwUoEzUnEms1FjsGDxMQIwI8Fy88MgEFFSkGPB8RFWcQNwUaDS4AEjczASggNh8EPQEVPQAEBUEWKRYvHgYQCQ0yES4QAz0vdwgCNB12FAUaHw4oPCkBAzJlFwIANwUnYjEDZysUHj8dMwEDNRY/LwsJETAeMgdnPC0UCTM3D3YLECgwIhxxGyQpPydMAg4lY0QeEmdnKT0DFAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-224.fra2.r.cloudfront.net
Software: /
Resource Hash: 9fbc15345a623e3db90c650b14c0e65d07280a431f85cfd5e0f8cdf6f5bf79e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unfudgetljbf.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
content-length: 351
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
x-amz-cf-id: AcOpDiYvt0k6ZYlTnisdthqobtie3-Pgv1qLPxU2cXiuebcuZulQmQ==

GET
H3 200 collect
www.google-analytics.com/ Frame 7231 35 B
55 B 14ms
13ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=631963850&t=pageview&_s=1&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=&je=0&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=699647040.1633179913&tid=UA-46789381-15&_gid=1799128876.1633179914&gtm=2ou9r0&z=1706785654

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53653
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7231 35 B
55 B 14ms
13ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=631963850&t=event&_s=2&dl=https%3A%2F%2Firachan.xyz%2F&ul=en-us&de=UTF-8&dt=Cerpen%20Mu%20Cerpen%20Ku&sd=24-bit&sr=1600x1200&vp=&je=0&ec=irachan.xyz&ea=irachan.xyz&el=irachan.xyz&_u=SACAAUABAAAAAC~&jid=&gjid=&cid=699647040.1633179913&tid=UA-46789381-15&_gid=1799128876.1633179914&gtm=2ou9r0&cg1=irachan.xyz&z=1468381244

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:11:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53653
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.adskeeper.com/pv/ 0
283 B 55ms
55ms Script
text/plain 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.com/pv/?pv=5&cbuster=1633179913883205151014&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Firachan.xyz%2F&lu=https%3A%2F%2Firachan.xyz%2F&sessionId=6158590a-1743f&pageView=1&pvid=17c411bce9ca7de7c8a&site=674005&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e241dcc604ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CCB8 96 KB
38 KB 22ms
21ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4e02b5fb8c787479689cf488df6a981dd203e22f3ed2ac38d8e060451e6bd441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38907
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:13 GMT

GET
H2 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js Show response
msgose.com/pw/ Frame CCB8 146 KB
56 KB 55ms
36ms Script
application/javascript 172.67.176.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.176.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: b281d2c737282f5b9611da1abf4d6e7c
age: 4109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 02 Oct 2021 11:56:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCd2q3rWwquCHGfH%2BHrqiVyi%2FncFOHhg%2FwD30u9Srs3HU67Zn9zEeHYU1MiwuesNkXa4%2F%2FWTwfN71%2Bw8KViYez0Fg0XmjjYnWMZNorJDKzt2oP0H1AtR3juAyvyV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 697e241df8d1d6e9-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame CCB8 8 KB
4 KB 22ms
6ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 5e14398a61b967d00474c8be36059fac06ac6493
date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: gzip
age: 358
x-cache: HIT
content-length: 3497
x-served-by: cache-hhn4046-HHN
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: B4FC:7FE0:1678C:1FF81:61429E76
x-timer: S1633179914.917236,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 16 Sep 2021 01:24:02 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 45ms
26ms Image
image/svg+xml 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 4211
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXQX9JBSCH0N5JS5
x-amz-id-2: CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 697e241e2adf4e80-FRA
expires: Sat, 02 Oct 2021 17:05:13 GMT

GET
H2 200 a-ads.php Show response
ipldekho.cyou/ Frame A7E8 177 B
727 B 72ms
52ms Document
text/html 172.67.182.2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipldekho.cyou/a-ads.php

Requested by

Host: afarkas.github.io
URL: https://afarkas.github.io/lazysizes/lazysizes.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.182.2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5455e79cc0ddd6f900b3dda50ef7815c41d9b1fa0a5f8e8eb04efdc272d871a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ipldekho.cyou
:scheme: https
:path: /a-ads.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=3600
expires: Sat, 02 Oct 2021 14:05:13 GMT
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wvY0yHf9u55TZsA31%2FM4pS8B%2Ff2MOHx0WOkJV4Kxu05N5f99TYsEbT8goG0YK2R7So98MBRuFetb1H5g1RqtNpPEfshoqB%2F8%2FfEizkdxM9kuuTK0%2FZRBCdrs7yuF4YZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241e39604eaa-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CCB8 48 KB
19 KB 14ms
13ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 793
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

POST
H3 200 / Show response
1337x2.xyz/ Frame CD96 355 B
784 B 46ms
46ms Document
text/html 104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 5183e8686cc20c1163b6f88b76a0a186066d6c4a2a69e56d89b9f3a4924df29f

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /
content-length: 24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/submit.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/submit.php

Response headers

date: Sat, 02 Oct 2021 13:05:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=sam; expires=Mon, 01-Nov-2021 13:05:13 GMT; Max-Age=2592000; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iGC1NZA28fQKSzETOmMDS2H2ZONTSvHEQQLGmh2T2Bdcur1%2BjFhe1zzaXzWb9vzTUmHhjc2B8trMqEJPEl36YkaEH%2BHVYI7Oe0pS%2FWvCTe7vZZp0UtVOW8FqxSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241e4ac327bc-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wnload Show response
yfetyg.com/ Frame CCB8 373 B
470 B 270ms
214ms Fetch
application/javascript 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bd5fcd4480ba75fe57180413beaaeb69986a4a9649f7638d2bbab905e6830690

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame CCB8 277 B
426 B 55ms
15ms Fetch
text/plain 104.16.133.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc824892c836c2d34a161e79c6f62e506871ccf29f926b24d990dea4d7a3b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 697e241fd8c83240-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 FF0000.png
imgcdn1.jdi5.com/img/ 128 B
519 B 18ms
17ms Image
image/png 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14016603
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 128
last-modified: Fri, 23 Apr 2021 07:35:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywkNqVMgViRi7lWxu4QHeI3xcj7wkdm%2FaXmhGhxKFLvrGirUJMlLpsKcYx0rr%2FyXMTAdo6ovAWNZciEnOT%2Bxeo%2BN2ue5NHapYvxDZkgXsA4f9RuPX4lSZuwHHTA2QX%2BlO%2BPU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 697e241fbd3b411a-PRG
expires: Sat, 23 Apr 2022 07:35:11 GMT

GET
BLOB 200
OK 5e5926aa-7946-44f1-b203-e84c4fe8f008
https://1337x2.xyz/ Frame CCB8 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/5e5926aa-7946-44f1-b203-e84c4fe8f008
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/torrent/5002906/You-May-Be-Pretty-But-I-Am-Beautiful-The-Adrian-Street-Story-2019-1080p-WEBRip-x264-RARBG/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H/1.1 200
OK 1800606 Show response
acceptable.a-ads.com/ Frame 4B66 23 KB
5 KB 60ms
28ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1800606

Requested by

Host: ipldekho.cyou
URL: https://ipldekho.cyou/a-ads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

8439e68fce03abf2957e1bdc09ad48b00585e15a0ef5d263cfa314b0ddfb51f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: acceptable.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ipldekho.cyou/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ipldekho.cyou/

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 02 Oct 2021 13:05:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://ipldekho.cyou/
Content-Encoding: gzip

POST
H3 200 / Show response
1337x2.xyz/sub/42/0/ Frame CD96 3 KB
2 KB 48ms
47ms Document
text/html 104.21.72.248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1337x2.xyz/sub/42/0/
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.72.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 6cab770e1de574bec2e5c620b1f58b95e8d8e163bb926ba8656a3230753c287e

Request headers

:method: POST
:authority: 1337x2.xyz
:scheme: https
:path: /sub/42/0/
content-length: 30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://1337x2.xyz
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1337x2.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://1337x2.xyz
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
set-cookie: sam=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=1337x2.xyz
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FY6Ebj4zaznmh8FFbLtpwAV30vTNkjWz0qaY0mK4Fg0ennywrUvfSH20u26uO4LD9WhuS5RzM0ZIQzoIbMaGsQvNO5dmfDZZrrDwRUskVUq2StgX0t9nQN5qh0k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697e241fec0927bc-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ Frame CCB8 217 B
429 B 21ms
6ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:45:08 GMT
server: nginx/1.18.0
etag: W/"61308f14-d9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 FF0000.png
imgcdn1.jdi5.com/img/ Frame 7231 128 B
746 B 28ms
28ms Image
image/png 104.21.40.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgcdn1.jdi5.com/img/FF0000.png
Requested by: Host: counter.jdi5.com
URL: https://counter.jdi5.com/online.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14016603
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 128
last-modified: Fri, 23 Apr 2021 07:35:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F15CoZ0bs%2F7q2QrCTlR0d7SC6r%2FE0xC%2B%2FOiY3vHICkYa5%2FKUnV1M2wUgm1c1ngLS9W1OUWjQPvczPt3pQZiveiDnGZV5mRplgWQKxhZEkrwE1TjJRXeb8nbUx6vNrVzU2%2FBT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 697e24201e584138-PRG
expires: Sat, 23 Apr 2022 07:35:11 GMT

GET
H2 200 popunder.gif
hireprecially.space/ 35 B
368 B 122ms
97ms Image
image/gif 13.224.193.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hireprecially.space/popunder.gif
Requested by: Host: irachan.xyz
URL: https://irachan.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-5.fra2.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-id: SBm-JpFI6Zb714hQZrXbXHSx2-inIaBAw5iRIHClRuNU28snuyWMIQ==

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ Frame CCB8 64 KB
25 KB 20ms
6ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer: https://1337x2.xyz/
Origin: https://1337x2.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:35:33 GMT
server: nginx/1.18.0
etag: W/"61572ac5-fef5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CD96 96 KB
38 KB 21ms
20ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Requested by

Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c35a8727353488851341b6eb311b790f6ddcc85b904a9754a5541c0451b67a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38906
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 13:05:14 GMT

GET
H3 200 waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js Show response
msgose.com/pw/ Frame CD96 146 KB
56 KB 32ms
21ms Script
application/javascript 172.67.176.37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: b281d2c737282f5b9611da1abf4d6e7c
age: 4110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 02 Oct 2021 11:56:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucRyJBf%2Bb7KwDjeOKLhyEwUjRTdU39tcFtC4TPD6djjrO1cpitSiipxRYjXgQXZya%2BK3aE7apVzMK2XnaL33ghtESNSEtgE3EqDMgevk0MFXYkN46MoL6ot%2Bvidi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://1337x2.xyz
cache-control: max-age=14400
cf-ray: 697e24204b4f0eaf-FRA

GET
H2 200 lazysizes.min.js Show response
afarkas.github.io/lazysizes/ Frame CD96 8 KB
4 KB 7ms
6ms Script
application/javascript 185.199.111.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://afarkas.github.io/lazysizes/lazysizes.min.js
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-111-153.github.com
Software: GitHub.com /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: daa4b58120bff3b877110820b8bfd96d8ba53f35
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
age: 359
x-cache: HIT
content-length: 3497
x-served-by: cache-hhn4046-HHN
access-control-allow-origin: *
last-modified: Mon, 17 May 2021 09:28:46 GMT
server: GitHub.com
x-github-request-id: B4FC:7FE0:1678C:1FF81:61429E76
x-timer: S1633179914.278894,VS0,VE0
etag: W/"60a2374e-1ed1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 16 Sep 2021 01:24:02 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 5

GET
H/1.1 200
OK 320x50
static.a-ads.com/a-ads-banners/118226/ Frame 4B66 95 KB
0 50ms
20ms Image
image/gif 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118226/320x50?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1800606
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.139.13.251.148.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 13:05:14 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx/1.18.0 (Ubuntu)
x-amz-request-id: W12V12JJ6XPN6Q0W
ETag: "d7fec3a205b1f352278aacb8980577ed"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 407238
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: mhRRB_FtHZd1saqOLsgEX7B051Cwx1HQ
x-amz-id-2: 1wI8qj/SsqkO5AfGgLAxbgT79PmUOTbYzhE+voYwDwRS8BHmIvSeqXE5LqImOuBFrZQMUiMU4rI=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ Frame CCB8 242 B
363 B 26ms
9ms XHR
text/plain 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 986fe81e4162a6bdfcbede74172e415c2862eabebd9276a422bbf40888dd25da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ Frame CCB8 0
238 B 8ms
8ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 7231 4 KB
2 KB 34ms
19ms Image
image/svg+xml 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 4212
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXQX9JBSCH0N5JS5
x-amz-id-2: CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 697e242088354ee0-FRA
expires: Sat, 02 Oct 2021 17:05:14 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CD96 48 KB
19 KB 13ms
13ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46789381-59

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 794
date: Sat, 02 Oct 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 14:52:00 GMT

GET
H2 200 wnload Show response
yfetyg.com/ Frame CD96 373 B
470 B 213ms
213ms Fetch
application/javascript 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnload?a=1&e=aeyJwaWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksImQiOiIxMzM3eDIueHl6IiwibGkiOjF9&tz=0&if=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e053cff9c7aa010cf47335ef98c06ee36360609cd1b9153335956aa7237557f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ Frame CD96 277 B
303 B 10ms
10ms Fetch
text/plain 104.16.133.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0134c24343b9c4586ad584a05f316a1bb61ba42e160234c6e374b07214bf9c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 697e24221c033240-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ Frame 4B66 68 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
BLOB 200
OK e22bd470-07f0-4389-a68e-b9cca69ab9b5
https://1337x2.xyz/ Frame CD96 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://1337x2.xyz/e22bd470-07f0-4389-a68e-b9cca69ab9b5
Requested by: Host: 1337x2.xyz
URL: https://1337x2.xyz/sub/42/0/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H2 200 floater Show response
unfudgetljbf.xyz/ 5 KB
3 KB 589ms
588ms XHR
text/plain 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unfudgetljbf.xyz/floater?cs=Tjl4Mm5%2FDxlTXXYOGQVdd11LUF5%2B&abt=0&red=1&sm=83&k=cerpen&v=0.8.4.0&sts=0&prn=0&emb=0&tid=914738&u=1556166152707250&fs=1&t=600&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Firachan.xyz%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&tzd=0&uloc=&if=0&aa=td10_oi1_&_Weqq=1633179914596&crc=1
Requested by: Host: d18t35yyry2k49.cloudfront.net
URL: https://d18t35yyry2k49.cloudfront.net/?ryytd=914738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-33.fra50.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: eb96e7a7a34a269aca8926e595ad0add431e4dead7b9fcc83522a3e6ffa8cb61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:15 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://irachan.xyz
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 2869
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-id: wwdEKDI0tFzMZrpIsVPVEPU1dFuO4ksNTfZPa0AKOStJUQtF2yboBA==

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ Frame CCB8 8 KB
3 KB 22ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 wnrw
yfetyg.com/ Frame CCB8 0
0 14ms
14ms Fetch 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=4694471745433125012&a=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sat, 02 Oct 2021 13:05:14 GMT
server: nginx/1.18.0
content-length: 0

GET
H2 200 PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png
i.wmgtr.com/cic/ Frame 62AD 26 KB
26 KB 23ms
7ms Image
image/png 213.174.135.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png

Requested by

Host: irachan.xyz
URL: https://irachan.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.33 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9fde03655b9f5938e00f62de44515d21599c415e7b503ce6b4b31e2f6a152ae0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Sun, 03 Oct 2021 01:05:14 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7231 11 KB
8 KB 37ms
23ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0f0d4c197fce59ce7a72be4f40e9df71381c7c166b627082ed92b2cb68eb6777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8467
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 38ms
25ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e87563474afdf1556961153621ee2d4f460297daae3a9cd393ecb680e69f43eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8589
x-xss-protection: 0

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ Frame CD96 217 B
428 B 6ms
6ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:45:08 GMT
server: nginx/1.18.0
etag: W/"61308f14-d9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 1 Show response
servicer.adskeeper.com/1092870/ 3 KB
2 KB 64ms
63ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1092870/1?pv=5&cbuster=1633179914683534685319&niet=4g&nisd=false&jsv=es6&w=1570&h=327&cols=4&ref=&cxurl=https%3A%2F%2Firachan.xyz%2F&lu=https%3A%2F%2Firachan.xyz%2F&sessionId=6158590a-1743f&pageView=1&pvid=17c411bce9ca7de7c8a&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5bca251ca7d50a8d8e8b04bd5c4707f2964d89c310f3f5ae1a7a61edb76761

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e2422cda84ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ Frame CD96 64 KB
25 KB 7ms
7ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer: https://1337x2.xyz/
Origin: https://1337x2.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:35:33 GMT
server: nginx/1.18.0
etag: W/"61572ac5-fef5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 5380 Show response
na.nawpush.com/tags/ Frame CD96 242 B
362 B 7ms
7ms XHR
text/plain 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/5380
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 986fe81e4162a6bdfcbede74172e415c2862eabebd9276a422bbf40888dd25da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 13:05:14 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ Frame CD96 0
238 B 6ms
6ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7231 17 KB
7 KB 44ms
20ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 02 Oct 2021 13:05:14 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
58ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109280101/show_ads_impl_fy2019.js?bust=31062986

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 02 Oct 2021 13:05:14 GMT

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ Frame CD96 8 KB
3 KB 6ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Oct 2021 14:05:14 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3B18 12 KB
5 KB 23ms
7ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 01 Oct 2021 17:43:22 GMT
expires: Sat, 01 Oct 2022 17:43:22 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 69712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 749D 783 B
535 B 35ms
18ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

0d9ef3c2a0326cf0f9a837748677216cef3764de69c96127d92ebd0a22fde8eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dGmJ1TW9DUx3dvFxJyvN1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 02 Oct 2021 13:05:14 GMT
date: Sat, 02 Oct 2021 13:05:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dGmJ1TW9DUx3dvFxJyvN1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 20ms
20ms Image
image/svg+xml 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 4212
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXQX9JBSCH0N5JS5
x-amz-id-2: CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 697e24235d064ee0-FRA
expires: Sat, 02 Oct 2021 17:05:14 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y2MDliMTliNzY4ZmQ2YzcwNzBjNmM0NDAzMzBkNGM3LmpwZWc.webp
s-img.adskeeper.com/g/3973211/492x328/0x251x1804x1202/ 13 KB
13 KB 242ms
222ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/3973211/492x328/0x251x1804x1202/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y2MDliMTliNzY4ZmQ2YzcwNzBjNmM0NDAzMzBkNGM3LmpwZWc.webp?v=1633179914-Lr-PJQIBqv4oD6uIhGIFo_s8q06NmY06PGaSDuNqBeo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ffffacf06bf47be099d6ee727cdf1c5bf860f687a79d33504e176a9fcaa4f4

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 14:27:18 GMT
x-mg-request-uuid: 72f26481-987a-4adc-87e9-72f6fceaf8b5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e24237e782bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12830
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.adskeeper.com/g/5097645/492x328/0x0x980x653/ 24 KB
24 KB 304ms
285ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5097645/492x328/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1633179914-QWEiC7lWn7gasRItJ1L6KF4v2ulSrW5nytn0yFdJc8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a66e0f11eb13b75e303b30e66585112808d9979916c955beb706ed5060de7ca4

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 14:23:13 GMT
x-mg-request-uuid: cbb36aea-000a-4c36-acea-1e294671c6f3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e24237e7a2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24644
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hNDA1NGQ4ZGJjNjZmZWVmN...
s-img.adskeeper.com/g/10839579/492x328/-/ 58 KB
58 KB 385ms
366ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10839579/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA5LzEwMTkyNC9hNDA1NGQ4ZGJjNjZmZWVmNGFmYzBhMjZjNGEyNjQzMC5qcGc.webp?v=1633179914-IMAdMGblMQcGPda-zJPQ_LWOgS48lxTXMSsAoeQPor4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0f365f4637cb6affcc024e62d7d426a3db7d8ef0b76cfa87ea8fd4bedd58416

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 16:28:56 GMT
x-mg-request-uuid: 11505fd6-7ff2-4681-bb6e-506a80526b96
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e24237e7b2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 59312
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM...
s-img.adskeeper.com/g/10839628/492x328/-/ 23 KB
23 KB 303ms
284ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10839628/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM2JiNGQwYzRmMmJkMzQ4NTg1NGM0YzMyZmUwLmpwZWc.webp?v=1633179914-lr61iWkQQsaNFEYMBUoKfnzX3yNYNAcsq3Eiz_m8I0M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b00a705afd0f953cf47e40d8d89b27607e6ba5d51bce6650820f9801647813

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 16:28:12 GMT
x-mg-request-uuid: 8a5ed412-20c4-4501-9f7a-be0b2618b1cc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e24237e7c2bf2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23476
server: cloudflare

GET PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png
i.wmgtr.com/cic/ Frame CD96 0
0

GET
H2 200 PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png
i.wmgtr.com/cic/ Frame E9E0 26 KB
26 KB 10ms
10ms Image
image/png 213.174.135.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png

Requested by

Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.174.135.33 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

9fde03655b9f5938e00f62de44515d21599c415e7b503ce6b4b31e2f6a152ae0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
expires: Sun, 03 Oct 2021 01:05:14 GMT
cache-control: max-age=43200
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

GET
H2 200 wnrw
yfetyg.com/ Frame CD96 0
0 17ms
17ms Fetch 185.162.85.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yfetyg.com/wnrw?aid=8557564426816080391&a=1
Requested by: Host: msgose.com
URL: https://msgose.com/pw/waWQiOjEwNTEyMDUsInNpZCI6MTEwODk1MSwid2lkIjoyNTQwMjksInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.162.85.1 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1337x2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://1337x2.xyz
date: Sat, 02 Oct 2021 13:05:14 GMT
server: nginx/1.18.0
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 85BF 12 KB
5 KB 7ms
7ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 01 Oct 2021 17:43:22 GMT
expires: Sat, 01 Oct 2022 17:43:22 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 69712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3453 783 B
535 B 18ms
18ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

d62701b584f298ae6dbd0c474449c48fd8b1efe9732a76ccec70a8ac014ac5fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qc3nCykKNtYfGqfe9hH6Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://irachan.xyz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 02 Oct 2021 13:05:14 GMT
date: Sat, 02 Oct 2021 13:05:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Qc3nCykKNtYfGqfe9hH6Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 749D 0
0 31ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=4210810601138915&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B18 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:43:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 01 Oct 2022 17:43:24 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
197 B 99ms
98ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?&cbuster=1633179914874961429537
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 20a7b5be-ac6b-4728-a056-1952c1e4954b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 697e2423ff8b4ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame 85BF 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:43:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 01 Oct 2022 17:43:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3453 0
0 48ms
47ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=2524957996954334&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 1 Show response
servicer.adskeeper.com/1092870/ Frame 7231 3 KB
2 KB 60ms
59ms Script
application/x-javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1092870/1?w=0&h=-1&wrongImageSize=1&cols=4&pv=5&cbuster=1633179914887494042435&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Firachan.xyz%2F&cxurl=https%3A%2F%2Firachan.xyz%2F&lu=https%3A%2F%2Firachan.xyz%2F&sessionId=6158590a-1743f&pageView=0&pvid=17c411bce9ca7de7c8a&implVersion=11&dpr=1&muid=l92dm4zdQz56
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db98311961b27208db93e5b89402fee332e966e64adcead12d2acea513c78f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e24240e7ec2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame B150 19 B
127 B 89ms
89ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1633179914894242190506
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:14 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 7d523d2d-be46-4e8e-a05e-eb94b60ac322
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 697e24241fd54ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 7231 4 KB
2 KB 15ms
14ms Image
image/svg+xml 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
content-encoding: br
cf-cache-status: HIT
age: 4213
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XXQX9JBSCH0N5JS5
x-amz-id-2: CWQcblvkNgl841zhni5fxo9UtrMY0Uhwn5zh1oLPU16Poqdim6PAdvDXGiizTIG8dmF0P9kScEk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 697e2424dfde4ee0-FRA
expires: Sat, 02 Oct 2021 17:05:15 GMT

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM...
s-img.adskeeper.com/g/10839628/492x328/-/ Frame 7231 23 KB
23 KB 70ms
56ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10839628/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM2JiNGQwYzRmMmJkMzQ4NTg1NGM0YzMyZmUwLmpwZWc.webp?v=1633179914-lr61iWkQQsaNFEYMBUoKfnzX3yNYNAcsq3Eiz_m8I0M
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b00a705afd0f953cf47e40d8d89b27607e6ba5d51bce6650820f9801647813

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:28:12 GMT
x-mg-request-uuid: 8a5ed412-20c4-4501-9f7a-be0b2618b1cc
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2424e8e0694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23476
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmM...
s-img.adskeeper.com/g/10839594/492x328/-/ Frame 7231 25 KB
26 KB 320ms
307ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10839594/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmMTEzNjA5NjEyNGY0NGE3MjczZTQwN2ZkZjcxLmpwZWc.webp?v=1633179914-HTmurmvKeAAPe7zVDuNkpV9ZpmS5jtr7i4IjbJ1DeS8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf5b63cb6813d7469b5e3404170149408167aa96d124b935a01c42d99110d8f

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 16:30:09 GMT
x-mg-request-uuid: a1819756-31bb-4814-8bee-43e6cf01c491
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2424e8e7694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25876
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp
s-img.adskeeper.com/g/5097651/492x328/0x15x820x546/ Frame 7231 30 KB
30 KB 307ms
295ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5097651/492x328/0x15x820x546/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2QzZjQxMWMyNGJkODEzYzQxODdmOGNmM2NmNjI3MTMyLmpwZWc.webp?v=1633179914-Bd__vC3TmtyxypoZtyv_oREGOhG_ygyP0oekvLGTG5k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4bc51dd1031eccaf38a0943a5cb489175672def80568391d00bbcfb46842a34

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 14:23:23 GMT
x-mg-request-uuid: 7e9e3976-1038-4901-9e4d-e701d5e9a180
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2424e8e3694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30276
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.adskeeper.com/g/5097658/492x328/0x105x650x433/ Frame 7231 15 KB
15 KB 313ms
301ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5097658/492x328/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1633179914-gBaTUNbT10Vhlotv1yyTbA9LMfLOcHTqCX2ggJSF61k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: MISS
last-modified: Fri, 01 Oct 2021 14:23:22 GMT
x-mg-request-uuid: 9c43f3cc-63b9-4875-b96b-3223346f054f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2424e8e6694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14944
server: cloudflare

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7231 0
0 34ms
33ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=4210810601138915&bg=!qqmlqe3NAAZE-GIIRPg7ACkAdvg8Wg5V9lnOh4zOyNJg6DatLgtLTYmM2zmpVPnm8pvqIcRWTeQTNgIAAACGUgAAADNoAQeZAs90py1YAmYTcY9FdeVVhgyl_-odc6PDcAiAt2IHzgu6wiEoBmRmRo93O9_jb6XZpItNw4dDG4GIz61u9HXA-Hcb9-I2kDUhbb5CeWninLUMLuCszCWSxoKPx54nz2J5X-JKo0XLQ89i1cmfGNIhfazBPAEsPnwtycdEYIW2HAeLd_7ltCvwD6fHPR1U87uDtNi_fFSQQbc567JGZqkV4R4OnQzd_cGnnaYRjsoI3fqmS_nUqmFG8-NeaW-X2KFl3jy6rJNhX3IwBjliEi2nxEIoSsKg-dymUpz3x7dRpKt9Z84CiF4ootSk0kRG5DcNNBmLyiGNzwc69i0xb_uRC-PrF8V4k7ts5VQUdqU7om6xgkcNgAZ9HprBTp9mLpzZQxGcfPW3SQqUW-sl3DToJpRzmPiqtNSwzyGJFjU_EwncL6KXknNVOTNFL-eezH7_6SJmciAmv8x5F2hjkEcjmzHpKi8Pzhkjut1Ek6Ea_HbZsX0Jst5W9jDlGFfuUgkxfnm2mJBsftmB7YJSWlLSF8qeU16OfU_1H2VM6c1rlYOJYb4uQg-uZCwmLml614jOUSN4JXiDC0kJz1fGEgfl4IBb3ql-rbMloo2NuOBXt7MDB5gBV1vkugzy_A6GxI3VgZ9njpdPEAVZi0QNQEnN7fdsvrnxbK6cJbI6oDYFfmP9y7rIvhF-xuJRJWp7RtGdKB3hj8FTnSUlpZDavCkcC8MepFErRMFscNU-ygT0yy0ysuGGpR0fzmomcXpr1g5hh1CQy1V1B254_vfYcR4sfUXvIWeuhTUICXz7Mc9ENpOPNQyeMW5TJ-sWDiCr4MIBFi8pYtt2tJeVyk2fsrxHIZ-aHp8_3AWvmH01hHrXaxX_WG8aT4ipUe9CPIbqPZ8J27Ac936QuL0Y5-QO5ceWZ73OT1_Zy7wWXMEsGUYS0oeY3nOLSmr9iT5Bgpv8vPT-pQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
48ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=2524957996954334&bg=!kJOlk9fNAAZE-GIIRPg7ACkAdvg8WgPNVrbMUTE2we3_BFnrFLsiU08qhWRYD0KjCFM2f2Ql-DIK4QIAAACOUgAAAAtoAQeZApsdD75vH3ONV5xEOb8TpAHptQlzLO7sJUT4OxajM-U-cyWk4T_JBkvLuce_LG6A1lLZNEmCAyg5AIeNWXdCgMdDmZ7mOv1OhwKmIlT_TUKdsLQpGdT-qNAxfPjoV0Ev8mp1ICLTphRgtyL2bd3y1HjVn4xUEcchxifwIqkbRUkdCXGNs20fSWgkpPu6fBBRoNlWBzUhwa4-g2SAQCjpZUl7RU5wFsk-ZNgfVIHEuY4TWX-IC0wiz6YhXvaSgklCDwzJ1J_2_K86xebDknwPXp94PvJEs7z2U_M8tN0lWYTYtManbhb1I2I3Oigxt91ZOh8oCzQeQWWwZyGSj_yR-OgeUyUmiQZJnwIhE40Df2DZ0dxvX8k4IuT4gNkcvg8nSHNpYfpHtwBeUs8AVY5ymqhYoAo660kELQUBI_zE5mT2SqKbHWUtlS3hafTQ9JjIopJYBldu3STSiNbKUy5VbKF8Aft3A9dT8KYwcsdvJmqQp6ohJVXWLZvOQvvmWY8z9CLRjG5bxD38zn3jP1mD2wa9KMyzuOlSoBf4EH3CY6NuR3oqJZwGMrQTjBhpbJgKC7CuOFwmlNbu0gX09bD3rnmISQyOpftj0tB4vxvUwENXgXnCKKIQeHA3RKFcZqLI3WJ5YxwJ6ict8CwB2gaMLYfIt6eEQ6sRJSgbCCx5SsO0b5D_1_M0tEIGkD-ipPHLWeXzgfatEe6SuVPmoyex_q2KftngGZSMTa2m48qJsExqFYXeqFZeFnT1IGIU2Qu6UdgIV7wEHZW2JKE13hwdQSh5jGrZXb0mUFItezlbCTKwSdmcGonUTuxCtaX5qWBIcV10ezoyeUwPHM1DUmGWL28PmyAa9Qkb_zQ0UgH0f6aBcHa9v68xl4LpnAyN
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 i.js Show response
cm.adskeeper.com/ Frame 7231 19 B
443 B 70ms
69ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?muid=l92dm4zdQz56&cbuster=1633179915074722098883
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:15 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: f92c4945-3a7d-45a0-8e86-ae7b968e728f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 697e24253820c2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 i-noref.js Show response
cm.adskeeper.com/ Frame 26A5 19 B
442 B 59ms
59ms Script
application/javascript 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1633179915089247176196
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:15 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: a3cc3ccc-b814-43e1-98ee-cc75a5fc3772
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 697e24255845c2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM...
s-img.adskeeper.com/g/10839628/492x328/-/ Frame 7231 23 KB
23 KB 14ms
13ms Image
image/webp 104.18.17.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/10839628/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzkseV8xMjgvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0LzlhY2NiM2JiNGQwYzRmMmJkMzQ4NTg1NGM0YzMyZmUwLmpwZWc.webp?v=1633179914-lr61iWkQQsaNFEYMBUoKfnzX3yNYNAcsq3Eiz_m8I0M
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/i/r/irachan.xyz.1092870.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b00a705afd0f953cf47e40d8d89b27607e6ba5d51bce6650820f9801647813

Request headers

Referer: https://irachan.xyz/
Origin: https://irachan.xyz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:28:12 GMT
x-mg-request-uuid: 8a5ed412-20c4-4501-9f7a-be0b2618b1cc
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e24258a9e694f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23476
server: cloudflare

GET c
c.adskeeper.co.uk/ Frame 7231 0
0

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/ Frame 53A9
Redirect Chain

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sT00_X3aDMnTdBgnOD2-rgmH7z2-9AkqJ-FIXzgh5Yqv&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb1461-2381-11ec-82bb-...
https://s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1633179913-q-8jFKX3pbbugGH6X...

19 KB
19 KB

27ms
27ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1633179913-q-8jFKX3pbbugGH6XCIq6lwMxoysuJ33yyKi3_VHxEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2542c98586eff5f599e43ad3a9afe1cb9d076085c45e73fc9348f7f2743dc4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:12 GMT
x-mg-request-uuid: 7ded24c0-825c-41b1-a439-7adb9af2959f
age: 81507
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2429c9a14e80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19366
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 588b0ecb-13a3-47e9-a451-2ccc25e983d4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/3805664/328x328/96x0x480x480/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1633179913-q-8jFKX3pbbugGH6XCIq6lwMxoysuJ33yyKi3_VHxEA
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e242928334e80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzY1OCx5XzQ3NS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvZTQ1N2JhZ...
s-img.adskeeper.co.uk/g/10839605/328x328/-/ Frame 53A9
Redirect Chain

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sd7BOHbfZDOfdXhME5shQN_Jssy2j9BKGAT3Jo528Po3&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb17e7-2381-11ec-a757-...
https://s-img.adskeeper.co.uk/g/10839605/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzY1OCx5XzQ3NS9odHRwOi...

11 KB
12 KB

12ms
12ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/10839605/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzY1OCx5XzQ3NS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvZTQ1N2JhZDRiOGZiYjEyNGRiMjgxNzA1OTg4MTUwZmMuanBlZw.webp?v=1633179913-CEs9SepZJOl7UnlhbTJvgXIosvUfC9WYSOKv-cOmgi8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28a5d1001a9bd9a1fc5b1b9130680636e5698bfc42fff98053557e87d8506f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 16:28:38 GMT
x-mg-request-uuid: e18df6a9-7d9d-4d43-84a6-ee86701aed45
age: 73538
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e2429c9854e80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11726
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1a79d1d9-b0c4-4f0a-890b-c03b460bdd7f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/10839605/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3Xzk2MCx4XzY1OCx5XzQ3NS9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8xMDE5MjQvZTQ1N2JhZDRiOGZiYjEyNGRiMjgxNzA1OTg4MTUwZmMuanBlZw.webp?v=1633179913-CEs9SepZJOl7UnlhbTJvgXIosvUfC9WYSOKv-cOmgi8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e242928344e80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET c
c.adskeeper.co.uk/ 0
0

GET
H3 200 c
c.adskeeper.com/ 43 B
440 B 58ms
57ms Image
image/gif 104.18.16.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=377|288|40|n2-maPZ__wF9jfgne51Hh-WRQdhNTeTn72SKYrhJgymGvbVisr5qhWcfQOBbVcNJ&fw=1&extjs=66044&v=377|288|24|n2-maPZ__wF9jfgne51Hh9QEWCb-WoCUrojVaPtf7GGuw4gcvP46x568f37gWdxw&v=377|288|8|n2-maPZ__wF9jfgne51Hh0YyYG2uFZnmjteX4AOiTcna8qDROWZQPB2-GNXkzJIz&v=377|288|8|n2-maPZ__wF9jfgne51Hh00iDvA8Tzjvg0jCyfHBKzhQEg9Xpn6tDq1L4gPsZwPS&cid=1092870&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=62379649-2381-11ec-ace9-d094662c1c35&tt=Direct&iv=11&pageImp=1&pvid=17c411bce9ca7de7c8a&muid=l92dm4zdQz56&cbuster=1633179916272337884386&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://irachan.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ab40e30a-a9cc-44a3-8293-00ebe5c22d3c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e242cbabac2c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp
s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/ Frame E948
Redirect Chain

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VM7qXwI4QYzPPW0squ9nVASk0BuTummoO3nRJi5qnURjV&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc15b-2381-11ec-9fce-...
https://s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp?v=1633179914-7lOpaMyjS5E5I_Evvz...

9 KB
9 KB

12ms
12ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp?v=1633179914-7lOpaMyjS5E5I_EvvzCFSxKiTKGbt6S59FXjlU9KVeM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 844cd7c95dbfa6c8ab7014f23addfb85542bb59564c58a35e737584becf8db7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:16 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:24:59 GMT
x-mg-request-uuid: 29cf7e26-a001-40a8-941f-dedb6fa923a6
age: 80675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e242d8e714ee0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9334
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a4ff83d9-25d0-4e92-a876-f99f9d14f2aa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/4023138/328x328/37x0x535x535/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmMzdiMTIxM2YxYTQyNjkzZWE1YjYyY2ZlNjg4OTA3LmpwZWc.webp?v=1633179914-7lOpaMyjS5E5I_EvvzCFSxKiTKGbt6S59FXjlU9KVeM
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e242ced674ee0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzUwODY1ZGZlZjQ1M2NhMmRjNjVhNGEzODE5MTUzNjRjLmpwZWc.webp
s-img.adskeeper.co.uk/g/6288107/328x328/0x18x700x700/ Frame E948
Redirect Chain

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VMxZMksiJbsy3SqCuXhNGq5L8vpbknaSJIeMfd3EYAaiq&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc614-2381-11ec-a757-...
https://s-img.adskeeper.co.uk/g/6288107/328x328/0x18x700x700/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzUwODY1ZGZlZjQ1M2NhMmRjNjVhNGEzODE5MTUzNjRjLmpwZWc.webp?v=1633179914-oNbhL1uyYspUezKUpq...

23 KB
24 KB

12ms
12ms

Image
image/webp

104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/6288107/328x328/0x18x700x700/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzUwODY1ZGZlZjQ1M2NhMmRjNjVhNGEzODE5MTUzNjRjLmpwZWc.webp?v=1633179914-oNbhL1uyYspUezKUpqSLTS0Rq9wj5qBiyOVnpgfNJnY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.130.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7af8ab858198a1f6414c6edd1d7eb64b24ca3e8d89a7453ed66d32260f47f72f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:05:16 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 14:23:04 GMT
x-mg-request-uuid: 338c5ee9-66e2-4edc-a7c6-046167a04507
age: 80816
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 697e242d9e754ee0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23970
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8a5f45e0-460a-4cad-a28d-66cd53edd9a2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/6288107/328x328/0x18x700x700/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzUwODY1ZGZlZjQ1M2NhMmRjNjVhNGEzODE5MTUzNjRjLmpwZWc.webp?v=1633179914-oNbhL1uyYspUezKUpqSLTS0Rq9wj5qBiyOVnpgfNJnY
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697e242ced694ee0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
DATA 200
OK truncated
/ Frame E948 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E948 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 21ms
20ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZKQGJML8NR&gtm=2oe9r0&_p=1385960328&sr=1600x1200&ul=en-us&cid=699647040.1633179913&_s=2&dl=https%3A%2F%2Firachan.xyz%2F&dt=Cerpen%20Mu%20Cerpen%20Ku&sid=1633179913&sct=1&seg=0&en=irachan.xyz&_et=95&ep.event_category=irachan.xyz&ep.event_label=irachan.xyz
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ Frame 7231 0
17 B 20ms
20ms Ping
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZKQGJML8NR&gtm=2oe9r0&_p=631963850&sr=1600x1200&ul=en-us&cid=699647040.1633179913&dl=https%3A%2F%2Firachan.xyz%2F&dr=https%3A%2F%2Firachan.xyz%2F&dt=Cerpen%20Mu%20Cerpen%20Ku&sid=1633179913&sct=1&seg=1&_s=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZKQGJML8NR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://irachan.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 13:05:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irachan.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.wmgtr.com
URL: https://i.wmgtr.com/cic/PJzI7vofYMkLJlsDDrdgJwFN4G_V58EZ.png

Domain: c.adskeeper.co.uk
URL: https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sT00_X3aDMnTdBgnOD2-rgmH7z2-9AkqJ-FIXzgh5Yqv&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb1461-2381-11ec-82bb-e4434b374cb2&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8zODA1NjY0LzMyOHgzMjgvOTZ4MHg0ODB4NDgwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBZeTh5TURFNUxUQTJMekV3TVRreU5DOHhPRFJqTnpCa1pEUm1ZV1ZrWkdZNU1UVTFZVGRpWkdRM01tRmpOVEU1TXk1cWNHVm4ud2VicD92PTE2MzMxNzk5MTMtcS04akZLWDNwYmJ1Z0dINlhDSXE2bHdNeG95c3VKMzN5eUtpM19WSHhFQQ==

Domain: c.adskeeper.co.uk
URL: https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|F2CGdMNtP5elUVBQF7p8sd7BOHbfZDOfdXhME5shQN_Jssy2j9BKGAT3Jo528Po3&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=61bb17e7-2381-11ec-a757-e4434b374bc6&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy8xMDgzOTYwNS8zMjh4MzI4Ly0vYUhSMGNEb3ZMMk5zTG1sdFoyaHZjM1J6TG1OdmJTOXBiV2RvTDJsdFlXZGxMMlpsZEdOb0wyRnlYekU2TVN4algyWnBiR3dzWlY5emFHRnljR1Z1T2pFd01DeG1YMnB3Wnl4blgzaDVYMk5sYm5SbGNpeDNYemsyTUN4NFh6WTFPQ3g1WHpRM05TOW9kSFJ3T2k4dmFXMW5hRzl6ZEhNdVkyOXRMM1F2TWpBeU1TMHdOaTh4TURFNU1qUXZaVFExTjJKaFpEUmlPR1ppWWpFeU5HUmlNamd4TnpBMU9UZzRNVFV3Wm1NdWFuQmxady53ZWJwP3Y9MTYzMzE3OTkxMy1DRXM5U2VwWkpPbDdVbmxoYlRKdmdYSW9zdlVmQzlXWVNPS3YtY09tZ2k4

Domain: c.adskeeper.co.uk
URL: https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VM7qXwI4QYzPPW0squ9nVASk0BuTummoO3nRJi5qnURjV&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc15b-2381-11ec-9fce-e4434b374c8a&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy80MDIzMTM4LzMyOHgzMjgvMzd4MHg1MzV4NTM1L2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EZ3ZNVEF4T1RJMEwyRm1NemRpTVRJeE0yWXhZVFF5TmprelpXRTFZall5WTJabE5qZzRPVEEzTG1wd1pXYy53ZWJwP3Y9MTYzMzE3OTkxNC03bE9wYU15alM1RTVJX0V2dnpDRlN4S2lUS0didDZTNTlGWGpsVTlLVmVN

Domain: c.adskeeper.co.uk
URL: https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|tdw23LMBPTSQK2Vadc4VMxZMksiJbsy3SqCuXhNGq5L8vpbknaSJIeMfd3EYAaiq&cid=770363&f=1&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=622dc614-2381-11ec-a757-e4434b374bc6&psid=914738&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy82Mjg4MTA3LzMyOHgzMjgvMHgxOHg3MDB4NzAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1EWXZNVEF4T1RJMEx6VXdPRFkxWkdabFpqUTFNMk5oTW1Sak5qVmhOR0V6T0RFNU1UVXpOalJqTG1wd1pXYy53ZWJwP3Y9MTYzMzE3OTkxNC1vTmJoTDF1eVlzcFVlektVcHFTTFRTMFJxOXdqNXFCaXlPVm5wZ2ZOSm5Z

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.irachan.xyz/	1969-12-31 23:59:59	Name: irachan_xyz Value: e229e149867eac4665e3b083015c2cf0
.irachan.xyz/	1970-01-20 07:01:15	Name: __gads Value: ID=9567595a23e15a44-22a4034ce3ca0048:T=1633179913:RT=1633179913:S=ALNI_MbrvWlHlqvkQcWgWYKhfCbsaAWtEw
.irachan.xyz/	1970-01-19 21:41:06	Name: _gid Value: GA1.2.1799128876.1633179914
.irachan.xyz/	1970-01-19 21:39:39	Name: _gat Value: 1
.irachan.xyz/	1970-01-19 21:39:39	Name: _gat_gtag_UA_46789381_15 Value: 1
.irachan.xyz/	1970-01-20 15:10:51	Name: _ga Value: GA1.2.699647040.1633179913
.doubleclick.net/	1970-01-20 15:10:51	Name: IDE Value: AHWqTUnrzGDQRWn4lk0E4c3wYrED09e7_byNtxb5HT5gsWVh03twNvC0rsLSRYORHkM
.adskeeper.com/	1970-01-25 20:31:23	Name: muidn Value: l92dm4zdQz56
.irachan.xyz/	1970-01-20 15:10:51	Name: _ga_ZKQGJML8NR Value: GS1.1.1633179913.1.1.1633179914.0
servicer.adskeeper.com/	1970-01-19 21:39:40	Name: __mglb Value: cbeb893f26be92ee4d57b414fbc5f82c
irachan.xyz/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22na1rpxTF*%22%7D%2C%22C1092870%22%3A%7B%22page%22%3A1%2C%22time%22%3A1633179915000%7D%7D
.adskeeper.co.uk/	1970-01-25 20:31:23	Name: muidn Value: l92f5150EY56

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/ Message: Mixed Content: The page at 'https://irachan.xyz/' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://irachan.xyz/# Message: Mixed Content: The page at 'https://irachan.xyz/#' was loaded over HTTPS, but requested an insecure element 'http://directory.wapkiz.com/download/dl6/4c5b9d223ca30a01d8e4fc1d2acb33b7/directory+wapkiz+com/photo-1597809259188-0e5ffcbb0ba9-(directory.wapkiz.com).jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1337x2.xyz
acceptable.a-ads.com
ad.jetx.info
adservice.google.com
afarkas.github.io
ajax.googleapis.com
c.adskeeper.co.uk
c.adskeeper.com
cdn.adskeeper.co.uk
cloudflare.com
cm.adskeeper.com
counter.jdi5.com
d18t35yyry2k49.cloudfront.net
directory.wapkiz.com
dl6.wapkizfile.info
fastcdn.jdi5.com
freychang.fun
googleads.g.doubleclick.net
hireprecially.space
i.wmgtr.com
imgcdn1.jdi5.com
ipldekho.cyou
irachan.xyz
js.wpadmngr.com
js.wpushsdk.com
jsc.adskeeper.com
maxcdn.bootstrapcdn.com
msgose.com
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
s-img.adskeeper.co.uk
s-img.adskeeper.com
servicer.adskeeper.com
static.a-ads.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unfudgetljbf.xyz
www.google-analytics.com
www.google.com
www.googletagmanager.com
yfetyg.com
c.adskeeper.co.uk
i.wmgtr.com
104.16.133.229
104.18.11.207
104.18.16.65
104.18.17.65
104.19.130.80
104.21.23.173
104.21.234.68
104.21.4.172
104.21.40.186
104.21.45.207
104.21.72.248
13.224.193.5
13.224.194.224
142.250.184.226
142.250.185.202
142.250.185.68
142.250.185.98
142.250.186.142
142.250.186.162
142.250.186.34
142.250.74.200
143.204.98.33
148.251.13.139
172.217.18.97
172.67.176.37
172.67.182.2
185.162.85.1
185.199.111.153
213.174.135.24
213.174.135.25
213.174.135.33
45.14.224.146
66.102.1.155
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01258ad47ff93fa506eeeeb68d76394891dd70751c894e3bb1cd1823e34e0a84
0134c24343b9c4586ad584a05f316a1bb61ba42e160234c6e374b07214bf9c8d
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
068a2937e1e5cd737281af4eb119dfae9da9f7bbdb5a731dbe5a1e39b9b120cd
081e6c3577e482f568b569bb09608c6616bb8988b13e878132bf6df52effa894
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c5bca251ca7d50a8d8e8b04bd5c4707f2964d89c310f3f5ae1a7a61edb76761
0d9ef3c2a0326cf0f9a837748677216cef3764de69c96127d92ebd0a22fde8eb
0f0d4c197fce59ce7a72be4f40e9df71381c7c166b627082ed92b2cb68eb6777
14c06c072070cdd81bc629fcc0e61bc442ed21c9bad8bbfda063ea7688a1d443
14ffffacf06bf47be099d6ee727cdf1c5bf860f687a79d33504e176a9fcaa4f4
1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c
1e9c0760faa5abb9a0ad5e0ba78e3e7b7e2299748efab991011475d27beab3bb
1ee8ef7e6b19406ef06a1245b4851d4b6465cbe38d30182bc2f03b1711e7f603
21bfa4cc49f70c71ddf5568764b850f3dd4ce50cc0895ec49c445251a423b0fd
28a5d1001a9bd9a1fc5b1b9130680636e5698bfc42fff98053557e87d8506f1f
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
390b575278cb016b7baf6d244c5edd72b6b8b342e73bef767a13c5eb8172c277
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3cc824892c836c2d34a161e79c6f62e506871ccf29f926b24d990dea4d7a3b6e
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
4981f50cde36b6f5acdc4756695c4cf63661951c033b149deb88cf876eb3957d
4e02b5fb8c787479689cf488df6a981dd203e22f3ed2ac38d8e060451e6bd441
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
508de954b77d79546376af7ebc0bc9544a3a5b3015a0e347deaf5e317a5ee782
5183e8686cc20c1163b6f88b76a0a186066d6c4a2a69e56d89b9f3a4924df29f
5280a16ad1d4adda987d3325c2c2bc292439d8d907967bcc0642c2df7f0c17b4
5a1696d53feff9e760ba219050cc0d06599075b91e42cae0b69728e097b52e85
5ce3f6ea71ea0f7eb1247e5555023217bb60373c178676b4bf86c89c24c8827c
5cf6a77b925afb31b827686cb358cb4b59375cc008a3e0c58b9d187c367935aa
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63a428de16700f13f745cca888ee6d19b8c9470c623116b647c2a0cb431549a0
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
662182153a6df35277a679198acc21e29e810a4ae43b1e2394d543bae33c3d22
6892b23d97c197227dac51fb0f2c64584108a7dd73c4e9ff04278df22426f5db
696e0bcf46c01763d5293c509cd4aad25da6112667bb15864aea23859f84b00b
6cab770e1de574bec2e5c620b1f58b95e8d8e163bb926ba8656a3230753c287e
7035414234982fdadd5d472ac9ad322a29f40a0356e1aa8f03a0f9beaabd770c
77c542063b51ba9af3ac699ea8d9a52399756ba9c2e8a1a87dea4f5443962025
7af8ab858198a1f6414c6edd1d7eb64b24ca3e8d89a7453ed66d32260f47f72f
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8439e68fce03abf2957e1bdc09ad48b00585e15a0ef5d263cfa314b0ddfb51f2
844cd7c95dbfa6c8ab7014f23addfb85542bb59564c58a35e737584becf8db7a
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8bf5b63cb6813d7469b5e3404170149408167aa96d124b935a01c42d99110d8f
8f530bfa2c38b91f1fc244604bb6db7381662a0a44f151bf368d310ced331442
986fe81e4162a6bdfcbede74172e415c2862eabebd9276a422bbf40888dd25da
9fbc15345a623e3db90c650b14c0e65d07280a431f85cfd5e0f8cdf6f5bf79e5
9fde03655b9f5938e00f62de44515d21599c415e7b503ce6b4b31e2f6a152ae0
9fe93da8b15e318c34a8c64e4559816f8ed977181ff0f6870e29d3e93327236a
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3b00a705afd0f953cf47e40d8d89b27607e6ba5d51bce6650820f9801647813
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bc51dd1031eccaf38a0943a5cb489175672def80568391d00bbcfb46842a34
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66e0f11eb13b75e303b30e66585112808d9979916c955beb706ed5060de7ca4
a870d464b030428277550a379c34c1414b360884a053328d25ae5ce88498d696
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bd5fcd4480ba75fe57180413beaaeb69986a4a9649f7638d2bbab905e6830690
c2542c98586eff5f599e43ad3a9afe1cb9d076085c45e73fc9348f7f2743dc4e
c35a8727353488851341b6eb311b790f6ddcc85b904a9754a5541c0451b67a39
cceeaf46f4b2d1c5bc73eb5f03ab864be51ac65b52986204cd34ed8af862dac3
ced25c7361eb959608d58b7d56e6ee09f8e080960f08c23c536a8876a6e5d32e
d0f365f4637cb6affcc024e62d7d426a3db7d8ef0b76cfa87ea8fd4bedd58416
d62701b584f298ae6dbd0c474449c48fd8b1efe9732a76ccec70a8ac014ac5fb
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db98311961b27208db93e5b89402fee332e966e64adcead12d2acea513c78f8b
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e053cff9c7aa010cf47335ef98c06ee36360609cd1b9153335956aa7237557f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d214365a0d7dfceab60b926fad32ebbe63f0e05187d70cb50028b2ded0792e
e51bda654d58478ec0d9a3f0eac2c68248b7461286fce1478b25a4c788c1c268
e5455e79cc0ddd6f900b3dda50ef7815c41d9b1fa0a5f8e8eb04efdc272d871a
e7f9951426a68132d298172f4e8aefa6eb47459370334932220fcb0c4b903d91
e87563474afdf1556961153621ee2d4f460297daae3a9cd393ecb680e69f43eb
e9b281d1d3a53a42aaa13f8b0e5b332da80515dd3f010481193953038d8fa7ef
eb96e7a7a34a269aca8926e595ad0add431e4dead7b9fcc83522a3e6ffa8cb61
ebd9f202011f8a926c9544a4ba1f5488e1c12f336d8595ae6595daf4b326fecc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

irachan.xyz Open in urlscan Pro 104.21.4.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

95 %HTTPS

0 %IPv6

30 Domains

42 Subdomains

32 IPs

5 Countries

1837 kBTransfer

4531 kBSize

12 Cookies

6 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

irachan.xyz Open in urlscan Pro
104.21.4.172 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

95 %
HTTPS

0 %
IPv6

30
Domains

42
Subdomains

32
IPs

5
Countries

1837 kB
Transfer

4531 kB
Size

12
Cookies

153 HTTP transactions
2 data transactions