urlscan.io logo urlscan.io
SecurityTrails logo

www.bacdzteam.com Open in urlscan Pro
95.217.226.12  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.bacdzteam.com/rzlt//17.html
Submission: On October 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 7 countries across 21 domains to perform 57 HTTP transactions. The main IP is 95.217.226.12, located in Finland and belongs to HETZNER-AS, DE. The main domain is www.bacdzteam.com.
This is the only time www.bacdzteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 95.217.226.12 24940 (HETZNER-AS)
5 87.245.235.35 9002 (RETN-AS)
10 139.45.196.206 9002 (RETN-AS)
5 139.45.196.70 9002 (RETN-AS)
1 67.227.184.215 32244 (LIQUIDWEB)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.70 9002 (RETN-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 139.45.195.94 9002 (RETN-AS)
5 2a00:1450:400... 15169 (GOOGLE)
2 139.45.195.162 9002 (RETN-AS)
2 139.45.197.130 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.208.186.41 16509 (AMAZON-02)
1 178.162.156.33 60781 (LEASEWEB-...)
2 139.45.195.254 9002 (RETN-AS)
1 139.45.196.102 9002 (RETN-AS)
57 21
1    95.217.226.12 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.226.217.95.clients.your-server.de
www.bacdzteam.com
5    87.245.235.35 (United Kingdom)

ASN9002 (RETN-AS, EU)
in-page-push.com
10    139.45.196.206 (Ascension Island)

ASN9002 (RETN-AS, EU)
iptautup.com
5    139.45.196.70 (Ascension Island)

ASN9002 (RETN-AS, EU)
upgulpinon.com
1    67.227.184.215 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
wheelchairsagainstguns.org
8    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:20::681a:dab (United States)

ASN13335 (CLOUDFLARENET, US)
iclickcdn.com
2    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
1    139.45.195.70 (Ascension Island)

ASN9002 (RETN-AS, EU)
bedrapiona.com
1    2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)
static.lalaping.com
2    139.45.195.94 (Ascension Island)

ASN9002 (RETN-AS, EU)
bestaryua.com
5    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    139.45.195.162 (Ascension Island)

ASN9002 (RETN-AS, EU)
my.rtmark.net
2    139.45.197.130 (Ascension Island)

ASN9002 (RETN-AS, EU)
static.ptoahaistais.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.208.186.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-186-41.eu-west-1.compute.amazonaws.com
e2ertt.com
1    178.162.156.33 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
perf.cdnads.com
2    139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, EU)
o.wowreality.info
1    139.45.196.102 (Ascension Island)

ASN9002 (RETN-AS, EU)
onstunkyr.com
Domain Requested by
10 iptautup.com www.bacdzteam.com
iptautup.com
5 www.google.com www.bacdzteam.com
5 upgulpinon.com www.bacdzteam.com
upgulpinon.com
5 in-page-push.com www.bacdzteam.com
in-page-push.com
4 pagead2.googlesyndication.com www.bacdzteam.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 o.wowreality.info static.lalaping.com
2 e2ertt.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 static.ptoahaistais.com in-page-push.com
2 my.rtmark.net www.bacdzteam.com
in-page-push.com
2 bestaryua.com iclickcdn.com
2 connect.facebook.net www.bacdzteam.com
connect.facebook.net
1 onstunkyr.com
1 perf.cdnads.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 static.lalaping.com upgulpinon.com
1 bedrapiona.com iclickcdn.com
1 iclickcdn.com www.bacdzteam.com
1 wheelchairsagainstguns.org www.bacdzteam.com
1 www.bacdzteam.com
57 23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
iptautup.com
Let's Encrypt Authority X3		 2020-09-24 -
2020-12-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-03 -
2021-08-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
bedrapiona.com
Let's Encrypt Authority X3		 2020-10-08 -
2021-01-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.rtmark.net
Let's Encrypt Authority X3		 2020-08-28 -
2020-11-26		 3 months crt.sh
in-page-push.com
Let's Encrypt Authority X3		 2020-08-28 -
2020-11-26		 3 months crt.sh
ptoahaistais.com
Let's Encrypt Authority X3		 2020-08-26 -
2020-11-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
e2ertt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-02 -
2020-10-14		 a year crt.sh
*.onstunkyr.com
Let's Encrypt Authority X3		 2020-10-12 -
2021-01-10		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://www.bacdzteam.com/rzlt//17.html
Frame ID: 27D1DE3E5155FC19653BFF7FA059FFBA
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 6EE1FB0D4ECD06789F33E7DD77A84737
Requests: 1 HTTP requests in this frame

Frame: http://bestaryua.com/fac.php
Frame ID: 6A2EDE6A1FC302AAD1051E9A6B8A374D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8499207190248103&output=html&h=250&slotname=7365479675&adk=2420345359&adf=1671876784&w=970&lmt=1602540346&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512708&bpp=14&bdt=56&idt=142&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1789656874150&frm=20&pv=2&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=44040320&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=KnV4rg2zQn&p=http%3A//www.bacdzteam.com&dtd=159
Frame ID: 5711C67BE1FE8B5EBCB09C3AA2B88E9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8499207190248103&output=html&adk=1812271804&adf=3025194257&lmt=1602540346&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512722&bpp=3&bdt=69&idt=154&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&nras=1&correlator=1789656874150&frm=20&pv=1&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=178258048&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: 2A29246C306C16C590BF599770FD4764
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 71E711CB67740E14AF18C24FE606A177
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 9DC69A0D8B667C98B2C0F5F54A8CA26E
Requests: 1 HTTP requests in this frame

Frame: https://static.ptoahaistais.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Frame ID: CCE073E5415A20E3D382B9412DBDCD68
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

57
Requests

67 %
HTTPS

35 %
IPv6

21
Domains

23
Subdomains

21
IPs

7
Countries

643 kB
Transfer

1658 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://connect.facebook.net/ar_AR/sdk.js HTTP 307
  • https://connect.facebook.net/ar_AR/sdk.js

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 17.html
www.bacdzteam.com/rzlt// 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
95.217.226.12 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.226.217.95.clients.your-server.de
Software
DZ-HTTP /
Resource Hash
7ecfc86ff1af3bd1396e03d8bbef397bce540b3f2f08d58d76827d73da27556a

Request headers

Host
www.bacdzteam.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html
Last-Modified
Mon, 12 Oct 2020 22:05:46 GMT
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
1616
Date
Tue, 13 Oct 2020 11:11:52 GMT
Server
DZ-HTTP
3620929
in-page-push.com/400/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://in-page-push.com/400/3620929
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
23d668fa18d93fbcc960e7ee3ec09353e050b5c9f87d7df78775f170c03543d0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
7a9ce6621ecb23f60ca97c6c17a4d358
Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
Vary
Origin
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
Expires
Wed, 31 Dec 1969 19:00:00 EST
tag.min.js
iptautup.com/pfe/current/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/tag.min.js?z=3620937
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
47b2ffc47245545d1292b0193e7edef9770d9075f1a008675a217c19b710a48c

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 09:55:41 GMT
Server
nginx
ETag
W/"5f7aed9d-a30e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
1
upgulpinon.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://upgulpinon.com/1?z=3620940
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
0225bd58084fc53a691ba95c426b68ab48c0bee6265595c8d31c12449de4a39b

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
X-Sc
B0kcNmOZDUvYVIFMK712V6trvUs5q5yCBVH4sp7gd30WbHcDgBW1_m5_yh1u6eusUeDvdeFypq0zIWZ5mT-yyTH7f50=
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
button-fb.png
wheelchairsagainstguns.org/wp-content/uploads/2015/04/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://wheelchairsagainstguns.org/wp-content/uploads/2015/04/button-fb.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
67.227.184.215 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
Software
Apache/2.4.46 (cPanel) OpenSSL/1.1.1h mod_bwlimited/1.4 /
Resource Hash
bfb2ac0b6e90d6f7dec0fed4162eb09281eddee0059ae8a5839ff058d0048fd2

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
Last-Modified
Tue, 28 Apr 2015 23:01:01 GMT
Server
Apache/2.4.46 (cPanel) OpenSSL/1.1.1h mod_bwlimited/1.4
ETag
"39dfd4-c573-514d0d614e540"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
50547
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		131 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
894d54e1f44d34168594255fc4dec591aa9b58e5df2a0b420cbeabd10c82b398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5967886754044667461
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
45800
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
sdk.js
connect.facebook.net/ar_AR/
Redirect Chain
  • http://connect.facebook.net/ar_AR/sdk.js
  • https://connect.facebook.net/ar_AR/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8fd3d5385557d07c7d47bf1b61e64b763db45d570faa7087dfe2f10ad76c801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
T6OKSiznMwGhlezZuYhuXw==
status
200
cross-origin-resource-policy
cross-origin
expires
Tue, 13 Oct 2020 11:24:04 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
etag
"fbe254e2b664a1d513fafac6157281b2"
x-fb-debug
UxtOBZvgrukWg16Y5ggCouBJDd68AwNxZmHfRuGyb/TVrM3zCkZYwolzDv2LlxOv5imwqqZUqS6Bw1gEPqgzCQ==
x-fb-trip-id
664085054
x-fb-content-md5
1845f808f87c7a868a651815e98c76d9
date
Tue, 13 Oct 2020 11:11:52 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/ar_AR/sdk.js#xfbml=1&version=v2.6
Non-Authoritative-Reason
HSTS
tag.min.js
iclickcdn.com/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
52709
status
200
access-control-allow-methods
GET, POST, OPTIONS
cf-request-id
05c341e76a00002b2288945200000001
x-trace-id
ed78f6c324759d83fa6187d782565af1
pragma
no-cache
last-modified
Thu, 08 Oct 2020 14:23:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602587513"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
5e189f524c4e2b22-FRA
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 13 Oct 2020 20:33:23 GMT
sdk.js
connect.facebook.net/ar_AR/ 		201 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=be016ac7b996a134326049bbb66b5459&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd6ad8c73b08afa9dba209b440a43d67361db3c064e6325ec953fbfb35ace9ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://www.bacdzteam.com
Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SvmfnZ1snuYK1Is1lfJnMw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
62485
etag
"4a9c3aecdb5cfe201d5aba1d437e7494"
x-fb-debug
c3tO+xeWI5YoTsDK/OOfIZJ0OYStllxC0PmEVbZYU6ubI6IXArqktTOKFnvtVxOZZvQpGX87pbJUzrq2EizYpw==
x-fb-trip-id
664085054
x-fb-content-md5
9574da8c680f65f05b7647b7b6e2f550
x-frame-options
DENY
date
Tue, 13 Oct 2020 11:11:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 13 Oct 2021 10:34:35 GMT
8f395e8b492cdc5aba57254a9ff7bf5e
upgulpinon.com/27/ 		360 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://upgulpinon.com/27/8f395e8b492cdc5aba57254a9ff7bf5e
Requested by
Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=3620940
Protocol
HTTP/1.1
Server
139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
d1a772ee487577d614860d261bad0fb67d590c10cdfba34f65dffc5aef39befe
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 29 Sep 2020 07:12:55 GMT
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Cache-Control
max-age:290304000, public
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Tue, 29 Oct 2080 07:12:55 GMT
38
upgulpinon.com/42/ 		0
834 B 		Script
General
Check archive.org
Download Go to
Full URL
http://upgulpinon.com/42/38?z=3620940
Requested by
Host: upgulpinon.com
URL: http://upgulpinon.com/1?z=3620940
Protocol
HTTP/1.1
Server
139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Sc
Dc3RH7AyMXSOitRiVfUUn2eolmItg_Ge3Xh0XAjIHhIcu4wpI1S2hxYBkegu_kL4lV4Ml8qDGUZ21BcWaOTVRHHGhm8=
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 		230 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88670
x-xss-protection
0
server
cafe
etag
13373283986949850894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Oct 2020 11:11:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 6EE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201008/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bacdzteam.com/rzlt//17.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacdzteam.com/rzlt//17.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 13 Oct 2020 03:54:38 GMT
expires
Tue, 27 Oct 2020 03:54:38 GMT
content-type
text/html; charset=UTF-8
etag
7382719332125555894
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4731
x-xss-protection
0
age
26234
cache-control
public, max-age=1209600
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
zone
iptautup.com/ 		717 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/zone?pub=0&zone_id=3620937&is_mobile=false&domain=www.bacdzteam.com&var=&ymid=&var_3=
Requested by
Host: iptautup.com
URL: https://iptautup.com/pfe/current/tag.min.js?z=3620937
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
6992999182eee375a64eb7cb861d2135748cbe4fdf5b63670b47d8c5ea846607
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
44c35daeb64d26873794215efc4e2f23
Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
717
universal.min.js
iptautup.com/pfe/current/ 		193 KB
58 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/universal.min.js?v=3.1.267
Requested by
Host: iptautup.com
URL: https://iptautup.com/pfe/current/tag.min.js?z=3620937
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
b4222dcbd259eb8f2ec1dda6422091da77d6cf3c566b21081b298d63919fb2ea

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 09:55:41 GMT
Server
nginx
ETag
W/"5f7aed9d-30562"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.bacdzteam.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
apu.php
bedrapiona.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/apu.php?oo=1&zoneid=3620934
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
3898aa86481003285cea642c65820af26f119ebbfb9be82f7ad4492b3a5ed6f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
a21284bdeacdc0e488a4416b2cb451d8
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://www.bacdzteam.com
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Expires
Tue, 11 Jan 1994 10:00:00 GMT
9
upgulpinon.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://upgulpinon.com/9?z=3620940&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Protocol
HTTP/1.1
Server
139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:52 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma
no-cache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
online.js
static.lalaping.com/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lalaping.com/online.js?ver=2.0.0
Requested by
Host: upgulpinon.com
URL: http://upgulpinon.com/27/8f395e8b492cdc5aba57254a9ff7bf5e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
395
status
200
cf-request-id
05c341e80e0000d6cd4bad0200000001
last-modified
Mon, 12 Oct 2020 13:24:03 GMT
server
cloudflare
etag
W/"5f8458f3-14f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602587513"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
5e189f534cf7d6cd-FRA
9
upgulpinon.com/ 		0
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://upgulpinon.com/9?z=3620940&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=2&ist=0
Requested by
Host: upgulpinon.com
URL: http://upgulpinon.com/27/8f395e8b492cdc5aba57254a9ff7bf5e
Protocol
HTTP/1.1
Server
139.45.196.70 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Sc
xPj-YvASk1NrY7tpDdbdUEFnV3Ml37b2yLm5D0giyOsLkReLvo8Qviog47veDZbDux2uX_Uzwd6Zk6d5XaX8yJYy6-0=
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Expose-Headers
X-Sc
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires
Mon, 26 Jul 1997 05:00:00 GMT
options
bestaryua.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://bestaryua.com/options?option_args=CMaA3QESIDNjN2E2ODJlZDE3YTRhYTE4YmYwOTEzNGIwMjgwNjg3GjFodHRwOi8vYmVkcmFwaW9uYS5jb20vYXB1LnBocD9vbz0xJnpvbmVpZD0zNjIwOTM0IiZodHRwOi8vd3d3LmJhY2R6dGVhbS5jb20vcnpsdC8vMTcuaHRtbA==
Protocol
HTTP/1.1
Server
139.45.195.94 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:52 GMT
Connection
keep-alive
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
options
bestaryua.com/ 		0
0
fac.php
bestaryua.com/ Frame 6A2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://bestaryua.com/fac.php
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
HTTP/1.1
Server
139.45.195.94 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Host
bestaryua.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.bacdzteam.com/rzlt//17.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacdzteam.com/rzlt//17.html

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:52 GMT
Content-Type
text/html; charset=utf8
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
26c75e35e6270bb86bcdfefe25762d39
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
integrator.js
adservice.google.de/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bacdzteam.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bacdzteam.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5711 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8499207190248103&output=html&h=250&slotname=7365479675&adk=2420345359&adf=1671876784&w=970&lmt=1602540346&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512708&bpp=14&bdt=56&idt=142&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1789656874150&frm=20&pv=2&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=44040320&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=KnV4rg2zQn&p=http%3A//www.bacdzteam.com&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8499207190248103&output=html&h=250&slotname=7365479675&adk=2420345359&adf=1671876784&w=970&lmt=1602540346&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512708&bpp=14&bdt=56&idt=142&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=1789656874150&frm=20&pv=2&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=44040320&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=KnV4rg2zQn&p=http%3A//www.bacdzteam.com&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bacdzteam.com/rzlt//17.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacdzteam.com/rzlt//17.html

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 13 Oct 2020 11:11:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Oct-2020 11:26:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 11:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602502693699453"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Tue, 13 Oct 2020 11:11:52 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2A29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8499207190248103&output=html&adk=1812271804&adf=3025194257&lmt=1602540346&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512722&bpp=3&bdt=69&idt=154&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&nras=1&correlator=1789656874150&frm=20&pv=1&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=178258048&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8499207190248103&output=html&adk=1812271804&adf=3025194257&lmt=1602540346&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602587512722&bpp=3&bdt=69&idt=154&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&nras=1&correlator=1789656874150&frm=20&pv=1&ga_vid=467584791.1602587513&ga_sid=1602587513&ga_hid=2015327403&ga_fc=0&iag=0&icsg=178258048&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067584&oid=3&pvsid=2701583427302152&pem=745&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bacdzteam.com/rzlt//17.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacdzteam.com/rzlt//17.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 13 Oct 2020 11:11:52 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 13-Oct-2020 11:26:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 13 Oct 2020 11:11:52 GMT
cache-control
private
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
5087
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
5969
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
13504
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
7048
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
3934
X-XSS-Protection
0
Expires
Tue, 13 Oct 2020 11:11:52 GMT
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
iptautup.com/ 		39 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
cd5968ef9ba6a88e6f7ec0bcb696b266
Date
Tue, 13 Oct 2020 11:11:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
gid.js
my.rtmark.net/ 		65 B
774 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=7d593e3fd3824efc9dc3b0f123a5e226&zoneId=3620937&checkDuplicate=true&ymid=&var=
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
43b528cea5e70b83aa41da49b5f06f85bc5fe4fe6373fc62adbc24c122c7a04c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
defaultSkin.min.js
iptautup.com/pfe/current/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/pfe/current/defaultSkin.min.js
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Oct 2020 09:55:41 GMT
Server
nginx
ETag
W/"5f7aed9d-de6b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.bacdzteam.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
gid.js
my.rtmark.net/ 		65 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: in-page-push.com
URL: http://in-page-push.com/400/3620929
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
c9c6addd6b859c78c43c28d0cd3eed8815c0ab707282083b9cae9978e2dff8e9
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
3620929
in-page-push.com/500/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3620929?excludes=&oaid=78712468d88e4b088d70ee67868b0cd1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
HTTP/1.1
Server
87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Max-Age
300
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*
3620929
in-page-push.com/500/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3620929?excludes=&oaid=78712468d88e4b088d70ee67868b0cd1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: http://in-page-push.com/400/3620929
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
145a17cdc7e1db702af520730630e35c9f863c755497f32b811d6c1aadaa9a79
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
2d20c1d26b159ccace590fff4b456097
Pragma
no-cache
Server
nginx
Vary
Origin
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Expose-Headers
Link
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Expires
Wed, 31 Dec 1969 19:00:00 EST
truncated
/ Frame 71E7 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
iptautup.com/ 		39 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
ac7441d3ce8c973cbbf288afc25094e8
Date
Tue, 13 Oct 2020 11:11:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
iptautup.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Protocol
HTTP/1.1
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:53 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59108e8fb585ae723b793432878e6239d564610b0e604cb00467b56a0a4a2e47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 13 Oct 2020 11:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6423
x-xss-protection
0
custom
iptautup.com/ 		39 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iptautup.com/custom
Requested by
Host: www.bacdzteam.com
URL: http://www.bacdzteam.com/rzlt//17.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.206 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
59fd684ba4590e72017c666f7a58fb90
Date
Tue, 13 Oct 2020 11:11:53 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
0276441336168.png
static.ptoahaistais.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ptoahaistais.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.130 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:53 GMT
Last-Modified
Fri, 07 Feb 2020 15:37:35 GMT
Server
nginx
ETag
"5e3d843f-1962"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
6498
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 13 Oct 2020 11:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Tue, 13 Oct 2020 11:11:53 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 9DC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.bacdzteam.com/rzlt//17.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.bacdzteam.com/rzlt//17.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Tue, 13 Oct 2020 10:12:30 GMT
expires
Wed, 13 Oct 2021 10:12:30 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3563
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=2701583427302152&bg=!mZqlmrrNAAWqWepuqljGGx4ixIsWngIAAABQUgAAAA0KAQZQfM0VdQJgAf4IrbyJJVOdzpvw3BjNRBZPPcjWSsrclb7Q2Q2zUtWeATUMNdfaTB8-e9kxifE30KP4Pno9b5DT7V6j6h-daLx26MaQA-p7BOhO2AId7kykz1oMegGYe_wmHyKykmg1a3BD41nlg8a8yI0BBoYAVWNQyESWqKKgKaU7tPXhAh-VGKN_Bk3M1qpTpYNb25zj2EYZyVzDQ73DPZE7zeURQgeq6vsDnLfBrq47F5jHEE85jKP9ZcTa6ygCZlEW6Cmorrh46JS3JSVTdJEtPtGNX5KuDjeooEXZQ3Cqr0sClF-gUWn-mOGaVMElxAhbNmX80u_L6KBAxgqMI6AXFxcimQGp_Hqk0B_mDac6iN94W-LUbj3kHIM00e63qY94U-dfWTdg4_zrrFsBV3uh1nd2FwB5xXu1WtEWR7RdJg0GTQhJMbQitejNJUhDgBo4ZzIT_7E6zYjd2_D5VibxR-KkBAozwzY-a4bp3UZ3IJwpY1N1k67uUsBHBLeRNPRHCJ5YVHv6JJ4p9GKXmWsj-fKmP3c0JKZFizi5GtSBRsMH3aPvBGF3CQ48ZqN_2Kfc_k9CDSr9CmJN6wxHK_qpWqlsfkAPzx6vWI-7GZlijlM7MWryzJaoNAifyy-x1zxZyj9ablh8qj-qUr0b322OVKAHF8O3OdO6dnbzMzcHX4Ukas_Q3XkZ-UT98yytp-_1HmjYyIyevLb4VNtcoSdlmsoZiZfHiSoYplYOjqbqYFTPYo_q9CKadGsbhpt0h9s_3hZRQDf8bsZv8lygUQDGiNHECP_UHSWXGuP4ilPxU2a0K5esAVkp4SHU1CQh6_rrfo3fcBOR6RXkioLSl4T-nLYdU5O8B1jV5Rcb1eL3hsgogmbpst8Qacx_KpmkAa8dLJcTyh-uy9KD_o7CtUc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Oct 2020 11:11:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
e2ertt.com/ 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e2ertt.com/?jsonKey=%7B%22scriptLoadPerformance%22%3A%7B%22name%22%3A%22https%3A%2F%2Ficlickcdn.com%2Ftag.min.js%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A105.40499910712242%2C%22duration%22%3A42.980000376701355%2C%22initiatorType%22%3A%22script%22%2C%22nextHopProtocol%22%3A%22h2%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A105.40499910712242%2C%22domainLookupStart%22%3A105.82499951124191%2C%22domainLookupEnd%22%3A113.97499963641167%2C%22connectStart%22%3A113.97499963641167%2C%22connectEnd%22%3A128.96999903023243%2C%22secureConnectionStart%22%3A119.23999898135662%2C%22requestStart%22%3A129.06000018119812%2C%22responseStart%22%3A147.2249999642372%2C%22responseEnd%22%3A148.38499948382378%2C%22transferSize%22%3A23064%2C%22encodedBodySize%22%3A22268%2C%22decodedBodySize%22%3A83064%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A3620934%2C%22type%22%3A%22onclick%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-186-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:54 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
perf.gif
perf.cdnads.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://perf.cdnads.com/perf.gif
Protocol
HTTP/1.1
Server
178.162.156.33 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:53 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 14 Oct 2020 11:11:53 GMT
/
e2ertt.com/ 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e2ertt.com/?jsonKey=%7B%22imgLoadPerformance%22%3A%7B%22name%22%3A%22http%3A%2F%2Fperf.cdnads.com%2Fperf.gif%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A1432.0049993693829%2C%22duration%22%3A30.774999409914017%2C%22initiatorType%22%3A%22img%22%2C%22nextHopProtocol%22%3A%22http%2F1.1%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1432.0049993693829%2C%22domainLookupStart%22%3A1432.5299989432096%2C%22domainLookupEnd%22%3A1433.4299992769957%2C%22connectStart%22%3A1433.4299992769957%2C%22connectEnd%22%3A1445.8699990063906%2C%22secureConnectionStart%22%3A0%2C%22requestStart%22%3A1445.9199998527765%2C%22responseStart%22%3A1462.2699990868568%2C%22responseEnd%22%3A1462.7799987792969%2C%22transferSize%22%3A323%2C%22encodedBodySize%22%3A43%2C%22decodedBodySize%22%3A43%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A3620934%2C%22type%22%3A%22onclick%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-186-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:11:54 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Strict-Transport-Security
max-age=15768000
Content-Type
image/gif
add
o.wowreality.info/api/log/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
http://o.wowreality.info/api/log/add
Protocol
HTTP/1.1
Server
139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:11:54 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
http://www.bacdzteam.com
add
o.wowreality.info/api/log/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://o.wowreality.info/api/log/add
Requested by
Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol
HTTP/1.1
Server
139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

Date
Tue, 13 Oct 2020 11:11:54 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length
0
H-WE9-WLilpnVUdxUhkN2Oy53LL4R0pbyNLQyvdQExWKkKWZpRiy60lifXUoKha-VcclG5--SPk4t5wjoIurx5KYpvYTSppQwj0NWoAFUBtfOE4eTU9fXr60KkHAvmRnEm_z3FPuzlbRbZr_uVqpoFG0guw2s7SUIf0TQ6kAFxZazL2AqGC8EWRBP7wpsHlb4O_uN...
onstunkyr.com/impression/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onstunkyr.com/impression/H-WE9-WLilpnVUdxUhkN2Oy53LL4R0pbyNLQyvdQExWKkKWZpRiy60lifXUoKha-VcclG5--SPk4t5wjoIurx5KYpvYTSppQwj0NWoAFUBtfOE4eTU9fXr60KkHAvmRnEm_z3FPuzlbRbZr_uVqpoFG0guw2s7SUIf0TQ6kAFxZazL2AqGC8EWRBP7wpsHlb4O_uNnmvdZInjnSs93DE6vpJYNXq7YIY?z=3620929&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.102 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
d4f2ff90e21d3989607004a6a5e5b756
Pragma
no-cache
Date
Tue, 13 Oct 2020 11:12:03 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
image/gif
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Vary
Origin
Content-Length
43
Expires
Wed, 31 Dec 1969 19:00:00 EST
0276441336168.png
static.ptoahaistais.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ Frame CCE0 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ptoahaistais.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by
Host: in-page-push.com
URL: http://in-page-push.com/400/3620929
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.130 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 13 Oct 2020 11:12:03 GMT
Last-Modified
Fri, 07 Feb 2020 15:37:35 GMT
Server
nginx
ETag
"5e3d843f-1962"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
6498
3620929
in-page-push.com/500/ 		0
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3620929?excludes=6762719&oaid=78712468d88e4b088d70ee67868b0cd1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: in-page-push.com
URL: http://in-page-push.com/400/3620929
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.bacdzteam.com/rzlt//17.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
107dbaa2431d246a43f2c058ebc3ad1b
Pragma
no-cache
Date
Tue, 13 Oct 2020 11:12:03 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Expose-Headers
Link
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Vary
Origin
Expires
Wed, 31 Dec 1969 19:00:00 EST
3620929
in-page-push.com/500/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://in-page-push.com/500/3620929?excludes=6762719&oaid=78712468d88e4b088d70ee67868b0cd1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=http%3A%2F%2Fwww.bacdzteam.com%2Frzlt%2F%2F17.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
HTTP/1.1
Server
87.245.235.35 , United Kingdom, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://www.bacdzteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Tue, 13 Oct 2020 11:12:03 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
http://www.bacdzteam.com
Access-Control-Max-Age
300
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Timing-Allow-Origin
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bestaryua.com
URL
https://bestaryua.com/options?option_args=CMaA3QESIDNjN2E2ODJlZDE3YTRhYTE4YmYwOTEzNGIwMjgwNjg3GjFodHRwOi8vYmVkcmFwaW9uYS5jb20vYXB1LnBocD9vbz0xJnpvbmVpZD0zNjIwOTM0IiZodHRwOi8vd3d3LmJhY2R6dGVhbS5jb20vcnpsdC8vMTcuaHRtbA==

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| trustedTypes object| adsbygoogle object| FB object| zfgformats boolean| zfgloadednative boolean| _retranberw object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_redemption_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _0x5c20 function| _0x271e object| _0x16b7 function| _0x10b4 object| _0x346d function| _0xb387 function| onClickTrigger object| 0h5zrtrpemn8 boolean| zfgloadedpopup object| regeneratorRuntime function| _retranber number| wm string| oaid function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _0x3882 function| _0x100c object| sdk object| _0x2efe function| _0x2200 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| webpushlogs boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| onClickExcludes object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bedrapiona.com
bestaryua.com
connect.facebook.net
e2ertt.com
googleads.g.doubleclick.net
iclickcdn.com
in-page-push.com
iptautup.com
my.rtmark.net
o.wowreality.info
onstunkyr.com
pagead2.googlesyndication.com
perf.cdnads.com
static.lalaping.com
static.ptoahaistais.com
tpc.googlesyndication.com
upgulpinon.com
wheelchairsagainstguns.org
www.bacdzteam.com
www.google.com
www.googletagservices.com
bestaryua.com
139.45.195.162
139.45.195.254
139.45.195.70
139.45.195.94
139.45.196.102
139.45.196.206
139.45.196.70
139.45.197.130
178.162.156.33
2606:4700:20::681a:97b
2606:4700:20::681a:dab
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:818::2002
2a00:1450:4001:825::2002
2a03:2880:f01c:8012:face:b00c:0:3
52.208.186.41
67.227.184.215
87.245.235.35
95.217.226.12
0225bd58084fc53a691ba95c426b68ab48c0bee6265595c8d31c12449de4a39b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
145a17cdc7e1db702af520730630e35c9f863c755497f32b811d6c1aadaa9a79
23d668fa18d93fbcc960e7ee3ec09353e050b5c9f87d7df78775f170c03543d0
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
3898aa86481003285cea642c65820af26f119ebbfb9be82f7ad4492b3a5ed6f7
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
43b528cea5e70b83aa41da49b5f06f85bc5fe4fe6373fc62adbc24c122c7a04c
47b2ffc47245545d1292b0193e7edef9770d9075f1a008675a217c19b710a48c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
59108e8fb585ae723b793432878e6239d564610b0e604cb00467b56a0a4a2e47
6992999182eee375a64eb7cb861d2135748cbe4fdf5b63670b47d8c5ea846607
7ecfc86ff1af3bd1396e03d8bbef397bce540b3f2f08d58d76827d73da27556a
894d54e1f44d34168594255fc4dec591aa9b58e5df2a0b420cbeabd10c82b398
8f50523037ef65967a0ad29059cf17036edea07c866162b80d93db49ca521363
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b4222dcbd259eb8f2ec1dda6422091da77d6cf3c566b21081b298d63919fb2ea
bd6ad8c73b08afa9dba209b440a43d67361db3c064e6325ec953fbfb35ace9ce
bfb2ac0b6e90d6f7dec0fed4162eb09281eddee0059ae8a5839ff058d0048fd2
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c9c6addd6b859c78c43c28d0cd3eed8815c0ab707282083b9cae9978e2dff8e9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1a772ee487577d614860d261bad0fb67d590c10cdfba34f65dffc5aef39befe
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fd3d5385557d07c7d47bf1b61e64b763db45d570faa7087dfe2f10ad76c801
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881