urlscan.io logo urlscan.io
SecurityTrails logo

1haft.com Open in urlscan Pro
192.185.6.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fitshow.me/
Effective URL: https://1haft.com/fitshow24/Home
Submission: On June 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 14 domains to perform 81 HTTP transactions. The main IP is 192.185.6.227, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is 1haft.com.
TLS certificate: Issued by R3 on May 16th 2024. Valid for: 3 months.
This is the only time 1haft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    192.185.6.227 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: pss4d.win.hostgator.com
fitshow.me
1haft.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
5    23.33.238.33 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-238-33.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    2600:1901:0:7628:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr6.snapchat.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    2606:4700:3034::6815:1adf (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
Apex Domain
Subdomains		 Transfer
10 1haft.com
1haft.com
517 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
214 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2099
ka-f.fontawesome.com — Cisco Umbrella Rank: 5386
177 KB
6 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 957
tr6.snapchat.com — Cisco Umbrella Rank: 1289
704 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 780
143 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
97 KB
4 fitshow.me
fitshow.me
53 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
1 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3163
629 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
210 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8139
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
250 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1295
20 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70 Failed
2 KB
81 14
Domain Requested by
10 1haft.com 1haft.com
5 ka-f.fontawesome.com kit.fontawesome.com
1haft.com
5 tr.snapchat.com sc-static.net
5 analytics.tiktok.com fitshow.me
analytics.tiktok.com
5 pagead2.googlesyndication.com fitshow.me
pagead2.googlesyndication.com
analytics.tiktok.com
4 cdnjs.cloudflare.com 1haft.com
4 fitshow.me fitshow.me
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 region1.google-analytics.com fitshow.me
2 region1.analytics.google.com 2 redirects
2 www.googletagmanager.com fitshow.me
1haft.com
1 kit.fontawesome.com 1haft.com
1 tr6.snapchat.com sc-static.net
1 www.google.de fitshow.me
1 stats.g.doubleclick.net www.googletagmanager.com
1 sc-static.net fitshow.me
1 fonts.googleapis.com fitshow.me
1haft.com
81 17

This site contains links to these domains. Also see Links.

Domain
ifbb.com
sbbf-ksa.com
medan.sa
Subject Issuer Validity Valid
fitshow.me
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.google.de
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-21 -
2025-02-20		 a year crt.sh
1haft.com
R3		 2024-05-16 -
2024-08-14		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-05-03 -
2024-08-01		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://1haft.com/fitshow24/Home
Frame ID: 68D9448697EEB24E349713D11FD1F7E9
Requests: 83 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=6c2c462f-4eeb-429c-8b8f-bfd91bd69bb7&u_scsid=c96956fd-e69c-41eb-9d94-51ab27599082&u_sclid=6aa52b07-760c-458d-8f09-76bfa834fc83
Frame ID: B269A5AD74067773C9557234384F81B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Frame ID: DE7BFD069A3D4195E46EC16D9CFA2870
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6896462464434985&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717524612&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffitshow.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~28_13~30_5~27_14~29_10&aiixl=32_9~28_4~30_6~27_3~29_5&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717820974327&bpp=3&bdt=276&idt=103&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7841471845921&frm=20&pv=2&ga_vid=1993886051.1717820974&ga_sid=1717820974&ga_hid=517617125&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084199%2C31084257%2C42531705%2C95334511%2C95334529%2C95334564%2C95334572%2C95334581%2C95334829%2C95335262%2C95334052%2C95334160%2C31078668&oid=2&pvsid=4404632958543040&tmod=1894687501&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=136
Frame ID: FB834A18627864629B4B163CEC5E0166
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A8DF0FED1D786D30AFF07CF0021783B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

- Home

Page URL History Show full URLs

  1. https://fitshow.me/ Page URL
  2. https://1haft.com/fitshow24/Home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
  • cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

59 %
HTTPS

73 %
IPv6

14
Domains

17
Subdomains

16
IPs

3
Countries

1434 kB
Transfer

4644 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fitshow.me/ Page URL
  2. https://1haft.com/fitshow24/Home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6QXWGFZYE9&gtm=45je4650v9186258148za200&_p=1717820974302&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1993886051.1717820974&ecid=1307437452&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717820974&sct=1&seg=0&dl=https%3A%2F%2Ffitshow.me%2F&dt=FITSHOW&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1&tfd=1490 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=4207465626183496078&dma=1&dma_cps=sypham&en=page_view&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F
Request Chain 12
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6QXWGFZYE9&gtm=45je4650v9186258148za200&_p=1717820974302&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1993886051.1717820974&ecid=1307437452&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717820974&sct=1&seg=0&dl=https%3A%2F%2Ffitshow.me%2F&dt=FITSHOW&en=scroll&_c=1&epn.percent_scrolled=90&_et=5&tfd=1499 HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=1055979459550384601&dma=1&dma_cps=sypham&en=scroll&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
fitshow.me/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fitshow.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0d16d4e797dd900cac089c1fcd46dd1b59d895281a575ae94e0a50ea632179f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1367
content-type
text/html
date
Sat, 08 Jun 2024 04:29:33 GMT
etag
"01a2871aab6da1:0"
last-modified
Tue, 04 Jun 2024 18:10:12 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
style.css
fitshow.me/css/ 		67 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fitshow.me/css/style.css
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e990f8dc1bd63d503bdbadbaef7a75e2ea34c29ecbbdd12a0eaabeb420143643

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 23:48:42 GMT
server
Microsoft-IIS/10.0
etag
"069794d2242d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9320
js
www.googletagmanager.com/gtag/ 		318 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6QXWGFZYE9
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53b44ed6a769aa8b53fa918d8a6c97b1370be827cb92fefeb3975eceffb906fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Jun 2024 04:29:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6896462464434985
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f11cd09a56a90480c216c77a28d7e4d89459e72bcc8482fdfb6e93f4b26aef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Origin
https://fitshow.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52215
x-xss-protection
0
server
cafe
etag
10065883888374014020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 08 Jun 2024 04:29:34 GMT
font-awesome.min.css
fitshow.me/css/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fitshow.me/css/font-awesome.min.css
Requested by
Host: fitshow.me
URL: https://fitshow.me/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/css/style.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2017 23:48:42 GMT
server
Microsoft-IIS/10.0
etag
"069794d2242d31:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5369
css
fonts.googleapis.com/ 		0
0
scevent.min.js
sc-static.net/ 		45 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
bbcaea2f5270b092d8de9217541148a27a51880cd5029f612d69f2c38d6c2aba

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19625
x-amz-cf-id
qTVVBis6DYsM1QNtoa2KCv2u1iwhIFSN-bAOuZ2Y0aF2iCOaqZBYqQ==
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPAVENJC77U5D4UAG900&lib=ttq
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b73deef1d78b34453a5206625c6f7aa02d4a1e07d9e0414efd949973792ca824

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
6bdd4611.c51af94
date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2406080429343285622802D78E586B62-11C530C1D0919963-00
x-cache
TCP_MISS from a23-33-238-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
30,23.33.238.29
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=22, inner; dur=17
content-length
1549
pragma
no-cache
server
nginx
x-tt-logid
202406080429343285622802D78E586B62
x-cache-remote
TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
22,23.48.200.211
x-tt-trace-host
0187fbd8908e446f8b1b5e834ce4df640f18a06632a423e4b844ef4c7feffa0f1f79dadd793c408d38dd18b4683966decd084db99f966b79094766b10139b8d169d81e46ee74b57e784e5075213152416e7babf01a130d6dd65e1147edcc21db6cf8c7ec8fa88b2ebae4047e6c871a4aea
expires
Sat, 08 Jun 2024 04:29:34 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6896462464434985&plah=fitshow.me&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6896462464434985
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fa9ae9d3911e1d7d2a3490afc5f630617962a5b79ef17d71ea022d48be0ed4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147237
x-xss-protection
0
server
cafe
etag
5594939008285274521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 08 Jun 2024 04:29:34 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6QXWGFZYE9&gtm=45je4650v9186258148za200&_p=1717820974302&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1993886051.171782097...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=4207465626183496078&dma=1&dma_cps=sypham&en=page_view&gtm=45je4650v9186258148za200&npa=1&...
0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=4207465626183496078&dma=1&dma_cps=sypham&en=page_view&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x4e9e39a087bf2126","source_keys":["1"]},{"key_piece":"0x30dedb670e3b2467","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"4207465626183496078","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["16592942799"],"5":["06-08","06-07","06-06"]}}
date
Sat, 08 Jun 2024 04:29:34 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Jun 2024 04:29:34 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=4207465626183496078&dma=1&dma_cps=sypham&en=page_view&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6QXWGFZYE9&cid=1993886051.1717820974&gtm=45je4650v9186258148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6QXWGFZYE9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 04:29:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fitshow.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6QXWGFZYE9&cid=1993886051.1717820974&gtm=45je4650v9186258148za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=633089853
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 04:29:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-6QXWGFZYE9&gtm=45je4650v9186258148za200&_p=1717820974302&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1993886051.1717820974&ecid=...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=1055979459550384601&dma=1&dma_cps=sypham&en=scroll&gtm=45je4650v9186258148za200&npa=1&tid...
0
562 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=1055979459550384601&dma=1&dma_cps=sypham&en=scroll&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F
Requested by
Host: fitshow.me
URL: https://fitshow.me/
Protocol
H2
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x4e9e39a087bf2126","source_keys":["1"]},{"key_piece":"0xb7443efd47534948","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"1055979459550384601","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["16592942799"],"5":["06-08","06-07","06-06"]}}
date
Sat, 08 Jun 2024 04:29:34 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Jun 2024 04:29:34 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1993886051.1717820974&dbk=1055979459550384601&dma=1&dma_cps=sypham&en=scroll&gtm=45je4650v9186258148za200&npa=1&tid=G-6QXWGFZYE9&dl=https%3A%2F%2Ffitshow.me%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
474
expires
Fri, 01 Jan 1990 00:00:00 GMT
6c2c462f-4eeb-429c-8b8f-bfd91bd69bb7.js
tr.snapchat.com/config/me/ 		203 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/me/6c2c462f-4eeb-429c-8b8f-bfd91bd69bb7.js?v=3.18.1-2406041825
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
446a335a2aa61f762826843ff5ce0b06db98893d9be41db28a34baac5c195eca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Origin
https://fitshow.me
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://fitshow.me
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203
i
tr.snapchat.com/cm/ Frame B269 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=6c2c462f-4eeb-429c-8b8f-bfd91bd69bb7&u_scsid=c96956fd-e69c-41eb-9d94-51ab27599082&u_sclid=6aa52b07-760c-458d-8f09-76bfa834fc83
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 08 Jun 2024 04:29:34 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/ Frame DE7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6896462464434985&plah=fitshow.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
36163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 18:26:51 GMT
etag
3711839061170457607
expires
Fri, 21 Jun 2024 18:26:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame FB83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-6896462464434985&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1717524612&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffitshow.me%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=32~28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=32_18~28_13~30_5~27_14~29_10&aiixl=32_9~28_4~30_6~27_3~29_5&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717820974327&bpp=3&bdt=276&idt=103&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7841471845921&frm=20&pv=2&ga_vid=1993886051.1717820974&ga_sid=1717820974&ga_hid=517617125&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084199%2C31084257%2C42531705%2C95334511%2C95334529%2C95334564%2C95334572%2C95334581%2C95334829%2C95335262%2C95334052%2C95334160%2C31078668&oid=2&pvsid=4404632958543040&tmod=1894687501&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=136
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6896462464434985&plah=fitshow.me&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 04:29:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
p
tr.snapchat.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://fitshow.me
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
tr6.snapchat.com/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7628:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
main.MTRiM2JhOTViMA.js
analytics.tiktok.com/i18n/pixel/static/ 		344 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPAVENJC77U5D4UAG900&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b696d943a5d725768a59d00a9fa7bd14c73d3f97340eabf55268b25cddc877ca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
c51b077
date
Sat, 08 Jun 2024 04:29:34 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240605160954B2101E3C69091613F589
x-tt-trace-id
00-240605160954B2101E3C69091613F589-32366B749E770BE7-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-33-238-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
018c0355c94275b02aeed25f4449a31ab874cb916631fa937c3444446e02dbd634616c9fb6a0bfe9b8d70b4a28ebdbb8e8eb5c2659ac89e7ec3bdeed2689b1528e4a4cc72ebc1a944f1da69d8ff0158f7c5f17fff236c0344167d9c954d5898520
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
101708
p
tr.snapchat.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 08 Jun 2024 04:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://fitshow.me
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
c51b247
date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240521140000E6A238C88A55CDF242CC
x-tt-trace-id
00-240521140000E6A238C88A55CDF242CC-3AF974049583181A-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-33-238-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d7f0261c0e92681db1ad590bd1596f630ba7724549086f7643fdee242d8f1e62b5897c42f5233e252cc108d6b501b937e5c36b1955724549ca9bda88adf1c72fcd8c63f8fb28aeade34e329835a748d0cf05c9cd65a88497e822d58615355e3a
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
39466
pixel
analytics.tiktok.com/api/v2/ 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2018fbd9.c51b24d
date
Sat, 08 Jun 2024 04:29:35 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24060804293596ED7E6416F01C52B3A8-25F48E13F61FBA80-00
x-cache
TCP_MISS from a23-33-238-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time
93,23.33.238.29
server-timing
cdn-cache; desc=MISS, edge; dur=15, origin; dur=84, inner; dur=81
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024060804293596ED7E6416F01C52B3A8
x-cache-remote
TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
84,23.220.104.8
x-tt-trace-host
0187fbd8908e446f8b1b5e834ce4df640f18a06632a423e4b844ef4c7feffa0f1fd267f2b8b75c50184832add9e5e2b6ff1ac0dff2386479ef644e6c0f8f566dc987bcef0632d56b16c983c65919c7273a3e387ff6a082829ea70426069839d3de569069a9cbb4b09113f892f6a2a2d2e1
access-control-allow-headers
Authorization,*
expires
Sat, 08 Jun 2024 04:29:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240605&st=env
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12710
x-xss-protection
0
Primary Request Home
1haft.com/fitshow24/ 		181 KB
181 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e2171e3fc590e7826cda590a01fb070c9403917547de51f1369d5a0e37a94668

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 08 Jun 2024 04:29:35 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
favicon.ico
fitshow.me/ 		37 KB
37 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fitshow.me/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:35 GMT
last-modified
Thu, 30 May 2024 13:23:20 GMT
server
Microsoft-IIS/10.0
etag
"13ffa8994b2da1:0"
x-powered-by
ASP.NET
content-type
image/x-icon
accept-ranges
bytes
content-length
37818
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6896462464434985&plah=fitshow.me&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Jun 2024 04:29:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A8DF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fitshow.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
23560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 07 Jun 2024 21:56:55 GMT
expires
Sat, 07 Jun 2025 21:56:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p
tr.snapchat.com/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 08 Jun 2024 04:29:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://fitshow.me
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTRiM2JhOTViMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.33 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-33.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fitshow.me/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c51b383
date
Sat, 08 Jun 2024 04:29:36 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240608042935641D63352581A34F22D0-4695FFBDC28A3FE5-00
x-cache
TCP_MISS from a23-33-238-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
server-timing
inner; dur=18, cdn-cache; desc=MISS, edge; dur=9, origin; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240608042935641D63352581A34F22D0
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
29,23.33.238.29
x-tt-trace-host
0187fbd8908e446f8b1b5e834ce4df640f836ff524d495be698ca3eb619723125ed3fa0148423ba93300e16b38a88dbc85b89113839f39a27fcf4190cd2bf266e2ac6e0e3d5068ea0d1878a18aadb69e0e4d11d826d24f890a08a6703f3b4265dd
access-control-allow-headers
Authorization,*
expires
Sat, 08 Jun 2024 04:29:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
js
www.googletagmanager.com/gtag/ 		318 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6QXWGFZYE9
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ee529e8984f23ca77bac808e6a6cbe87ce0994a48428f15c920451e041a712c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 08 Jun 2024 04:29:36 GMT
modernizr
1haft.com/bundles/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1haft.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
last-modified
Sat, 08 Jun 2024 04:29:36 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
11118
expires
Sun, 08 Jun 2025 04:29:36 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 08 Jun 2024 03:09:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Jun 2024 04:29:36 GMT
nucleo-svg.css
1haft.com/Content/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1haft.com/Content/nucleo-svg.css
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
13c358b65ecb3c2de9301565fd5105d17bab41a940415eb24585152b122da3db

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
last-modified
Sun, 07 Aug 2022 11:55:18 GMT
server
Microsoft-IIS/10.0
etag
"b145989054aad81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2276
nucleo-icons.css
1haft.com/Content/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1haft.com/Content/nucleo-icons.css
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3b39139aa6d06e1dde861c568cabcb3912826ffd1d40f821b0ed565b8bafbd15

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
last-modified
Sun, 07 Aug 2022 11:55:15 GMT
server
Microsoft-IIS/10.0
etag
"80135f8e54aad81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1991
42d5adcbca.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/42d5adcbca.js
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69bd3e20023b4fd03f3ed5eea76e2a06504a53574a1c71b76ca6ff76f250d22

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Origin
https://1haft.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8906244fafe7bb77-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F9bKCr5RC6gVux_8IPlB
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
121695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyUGhIWW9bqQe%2BtfK2tx2ExTuVaKg%2BqoDV8x6Qci6fbu8SFl6OBC3iQa9dE%2FpNQtsjrMyHC1uFRB%2FsHIafS6QyJV75iR4AijL3SgaxbrRmEQaulsv%2BntudmEj6nGZO%2FihPZ7kJW0KGEYoa0HjMVDoHl2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8906244fade61cc5-FRA
expires
Thu, 29 May 2025 04:29:36 GMT
aos.css
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.css
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6175596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1438
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-65c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaWXaMkHA6ux8F%2BpWVUdLHz2MMHBQ15SFYuwWYhapbSvwT1uCA7ZDiKFhULHOiXxidUPUZL2KU%2FLMVzESUmBcALRuCnvRY33DePYNz62zGnJkUFd%2B7rlm0U10z7GCQ6kcjVMQoBnK%2BJWkD0YccQiEN8M"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8906244fade51cc5-FRA
expires
Thu, 29 May 2025 04:29:36 GMT
soft-ui-dashboard.css
1haft.com/Content/ 		407 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1haft.com/Content/soft-ui-dashboard.css?v=1.0.3
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
02aeb605e10504d5e55890585dfd20c3edb9d4c16a9d958b46dc29051e0fb840

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:35 GMT
content-encoding
gzip
last-modified
Mon, 27 Nov 2023 19:23:00 GMT
server
Microsoft-IIS/10.0
etag
"08233226721da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
53201
Chart.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/ 		433 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.4/Chart.js
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7428669133ec3ec4d5d771d4d78e6e16dc9385d6fa189a537276246b679f6a63
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
118751
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87499
last-modified
Sun, 18 Oct 2020 18:57:15 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f8c900b-6c2e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FSs13JXI0uqGxM3UL9FiAkhTryK89dP%2BI91x8Y%2Fa1%2Fw4ozhPqHch9Blt%2FWRC4ERoNx9mbK3DN3UJaCCAEjTINrJpxTExoegp7F7gdHL%2BK3jZOjl5srFOHpXxd0qiuJxbDZ4wDVKb%2BtngA2zi5Sq8CCW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8906244fade41cc5-FRA
expires
Thu, 29 May 2025 04:29:36 GMT
MsAjaxJs
1haft.com/bundles/ 		142 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1haft.com/bundles/MsAjaxJs?v=D6VN0fHlwFSIWjbVzi6mZyE9Ls-4LNrSSYVGRU46XF81
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
594e60989897c3fe7e623be3e586d11d1e80d5288270d9604ab2b492d79cbcc9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
last-modified
Sat, 08 Jun 2024 04:29:36 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
expires
Sun, 08 Jun 2025 04:29:36 GMT
jquery-3.6.0.min.js
1haft.com/Scripts/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1haft.com/Scripts/jquery-3.6.0.min.js
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
last-modified
Sun, 07 Aug 2022 12:11:14 GMT
server
Microsoft-IIS/10.0
etag
"0ddfac956aad81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30890
WebFormsJs
1haft.com/bundles/ 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1haft.com/bundles/WebFormsJs?v=N8tymL9KraMLGAMFuPycfH3pXe6uUlRXdhtYv8A_jUU1
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c33d2eeb46f41ebdccc2b62b178a76466645fc91a640c3e718a9999a6b4b9965

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
last-modified
Sat, 08 Jun 2024 04:29:36 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public
content-length
61422
expires
Sun, 08 Jun 2025 04:29:36 GMT
FITSHOW24-30757.png
1haft.com/Media/Logos/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1haft.com/Media/Logos/FITSHOW24-30757.png
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e746173053ad483c30054c8e4bdeea6ad986465718e8bd3f6b74175505705077

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:36 GMT
last-modified
Thu, 30 May 2024 12:57:05 GMT
server
Microsoft-IIS/10.0
etag
"f8138adf90b2da1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
36273
Banner1645151_106.PNG
1haft.com/Media/Banners/ 		948 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1haft.com/Media/Banners/Banner1645151_106.PNG
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.185.6.227 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
pss4d.win.hostgator.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/fitshow24/Home
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Sat, 08 Jun 2024 04:29:36 GMT
last-modified
Sat, 01 Jun 2024 09:51:51 GMT
server
Microsoft-IIS/10.0
etag
"6c6df539b4da1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
1316217
Banner1645137_105.PNG
1haft.com/Media/Banners/ 		0
0
FITSHOW24-1450.png
1haft.com/Media/Banners/ 		0
0
Banner1643251_103.PNG
1haft.com/Media/Banners/ 		0
0
Banner1643230_101.PNG
1haft.com/Media/Banners/ 		0
0
3031334.PNG
1haft.com/Media/Logos/ 		0
0
313252.PNG
1haft.com/Media/Logos/ 		0
0
323432.PNG
1haft.com/Media/Logos/ 		0
0
Venue28313129_12.PNG
1haft.com/Media/Venues/ 		0
0
leaflet.js
1haft.com/Content/leaflet/ 		0
0
leaflet.css
1haft.com/Content/leaflet/ 		0
0
010201037-31357.png
1haft.com/Media/Logos/ 		0
0
bootstrap.js
1haft.com/Scripts/ 		0
0
popper.min.js
1haft.com/Scripts/ 		0
0
bootstrap.bundle.min.js
1haft.com/Scripts/ 		0
0
pace.min.js
1haft.com/plugins/PACE/ 		0
0
modernizr.min.js
1haft.com/Scripts/ 		0
0
jquery.appear.js
1haft.com/Scripts/ 		0
0
jquery.overlayScrollbars.min.js
1haft.com/plugins/overlayScrollbars/js/ 		0
0
toastr.min.js
1haft.com/plugins/toastr/ 		0
0
dropify.min.js
1haft.com/plugins/dropify/js/ 		0
0
apexcharts.min.js
1haft.com/plugins/apexcharts-bundle/js/ 		0
0
purecounter_vanilla.js
1haft.com/plugins/purecounter/ 		0
0
easypiechart.min.js
1haft.com/plugins/EasyPieChart/ 		0
0
jquery.easypiechart.min.js
1haft.com/plugins/EasyPieChart/ 		0
0
aos.js
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.js
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2005802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4109
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-3962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0KRRKXKS9nVC2y%2BSUze0EvSkBOTaoYSa8LhphZiiu3DXnCPiVgABgVQ7R1cylJwHbmZPSTt02po6Rm7VHLyRivJF56Oykeayf0J0UoHtFPZ3c5jIIBp4ECVVFV1gNJMRK6FOPXkdpLaP6Btl1HDycKe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89062451ff471cc5-FRA
expires
Thu, 29 May 2025 04:29:36 GMT
bs-init.js
1haft.com/Scripts/ 		0
0
site.js
1haft.com/Scripts/ 		0
0
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v45zlT5QO3luBXgl9mfK75cW4YPO955uDvqk1BNrcPpoIWwh96RPU4DEoyFSpq5luI1Qb9hMNunUBaKczYAo5KF9kEr4PHr36lHb5ovZGFkd0VYednojlHx6nFG5Ec48yYOrPsMD4i%2FomS3i5xzsw%2F6tEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89062451fd986aeb-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
iLJ6sfyow5hYgzzWhg0Rfjl3lOBhDVyhtR-wD3No6ORxJDs05Ycb6w==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
227099
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fz%2BoVcpqlx6BF9Lszt040DMDcmYk2V8Aquiz0AIDtcg2eWK7YnBjD3GDVk4%2FccHs1IjtkBIz4bJJNMwrOjG7%2BA1m6fSf1ARPFANZzqL7oN6O4ed5OW6wtIw0KGPJ8m6x3%2BuPsh3eLvCyiguOWzSJx53wUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89062451fd996aeb-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fTSpjx698dsWdnpNzx6WklzDlt322Po9Hcs_gbYQqcroYtvJbifRDA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:36 GMT
content-encoding
gzip
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
53158
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80jrrDfwWc4YjIA2hJzNDLtVt5na3RAUP1XRweN%2BCokp7ltewG8eNpByUVZaYP%2FiEtlGB5sX1I60Cf2B6qv5r1yEn3IAfw6xw9%2FEYTMnRZB6%2FQfUq1i8E8ixe5UtjqGspBx09fYO63PNUKub8qqC7S9gmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
89062451fd966aeb-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
mkSSplG77Yn6uWUegUPYA8bAZi-aPB-u_lmimoN167ornNOheqHU0g==
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f93ef184faa777f6603e0649edafcc0e27edc083e44fcd258c78c94844d7c4d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
122d64fb6a133fd94d4617efed62fbc6af96d1bc68249598e51249c2d03398ba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f26c2194a39f9093b42c3a0723d61b0a641864b7a39da8ff55df4b0ab7b63604

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10f669e094fc908dba6761baa473026ac814cc09e5248f9f1ae89f2cebad0f83

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b401ee49937689565e5a4a01fb38cdf1338ea927e6b5bfb922093d933a859418

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8127882d8fd8c3ae03cd83f27c04a4b65493c3e2f5e4598669e6e6d3f085c8cc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
PARABG-10856174348.PNG
1haft.com/Media/Images/ 		0
0
Cairo-Regular.ttf.woff
1haft.com/Content/fonts/ 		0
0
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Origin
https://1haft.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:37 GMT
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
53158
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9oVpq8G4YTkHXmVKsU8SPJpLlfPI5ZMlpupOaObSDrJM9VNVYvEowfLMwvAiszqwAgR8C88HLJVkuF3qGCbZD62rGIrt7k8JfO3l54R735ylfmG%2Fftn1X0gfjg5oqiEhc9cN6aQJMbaha64%2BgSkAN3g7gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890624532e056aeb-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
LEtzwgergSk3roU9XLG-IBY4x8StYIcRdvmihavP21u86gtJs45sQg==
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: 1haft.com
URL: https://1haft.com/fitshow24/Home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://1haft.com/
Origin
https://1haft.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 04:29:37 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
age
53158
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ym0RLA%2FOTwa176bi1kE1FHbmAfuZjJOpyP6DrfSTbEJ5wbDNPejfQWT6inGXYqeR21qphPN6%2Bh51MGyDxgMWpKahR%2FfD5t%2B%2FW%2B2A5bJ6ddMat54EjNZ06dbvIoNAmHvJLzA62LtxqB1tNdu5%2FUx5JE0IYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
890624532e076aeb-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
TYPynCBcUTG1EsmKWCTRxiRSjH7vDVUgkcF1B17rRGfxwcXBfaFJsQ==
reg-keyboard.jpg
1haft.com/media/images/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240605&jk=4404632958543040&bg=!JiWlJWrNAAb64txl2uI7ADQBe5WfOMnfZgO6E2WyDLVYV-8p7a1_ODIzP4bygb-b7sqmLRHTO9Sh0SaX4gq2H-ylOIgxAgAAAD9SAAAABGgBB34ANQkhQq0kDhqE0hMx6M1RaUHGJpcR1dZU4eRl5Zi_5KiMF4SgPgtU9-3oALV7_Rjs6nkpQmLomQKca3LhIkZeYgV95Y-DsLJa2dX3fw8_casNlP8NebcGzj-mwnMSBWUv2KuDObY3-5VF74E5fP9q3ewTofXEp3heQpyAvsQm__zS-WGW9vuVMEMj9DiFnRaiAgVc92ZlbXx1C-ynOHdL2Ky2gzxjAmz2ehCAk7HWO2tstImeKUOuFv24pKzo2jjMgghvKjVwg2kWvV9xuy-0UkrsMonn1XPWThV1E1M4769vbrE7x8Vw6pe3EQoNcPNTCGc2RL9Rwn22ppkDvc_D3svz_BgHOUVH8Kjtzf_EHXa3lieaayuSu7KiHcJtkziJo_tS_JwdHFCW5g5UUiqqPDMpLKLUsrttnj31OAqux1aXFZBZwR97pvwjRp_iB9NW-CTFzeowLsasfwjStT_rN3oxzHx3RfevGfp3uiuwu-FSvFx6ie83BOdO0t2nNCWkeuF2jLr8q3loCUxQUaxArQCc9kgr7a71MIdC_NmWm3Mmi10_FA4USrGm82-N3HLVTjwyxgYVSA4OKEGyeMcAXTf_2enOnPlcPIAYziyE-Kmylu-5hnRceyxDOdh3TA9hPN0a8D3ycz39NNs054YlmucpLJRV0N6rxywFRQNMfVZcB8535ln9ionjw5hNchoo_CFU3NKocWQ5cAC_KPWQOmWkgrrpIAZio-Kyb2hKnNFnBAbtnRwnqPW1h2VgDKVkp3ShMp4o8KrSr2AOBdJ72-_215r7C9ag454zNa5HNl0zpVhLVSKzeP4dectEKTlPCMxUSB42rwZrRcpIFnjfUb-h3roLisWz-_hh0YP4b80zEapW1IQWD_8Cdocb1AkeSCSu92zqdom0Ecs2Hpsq9zL0an8kWxPLnOEzqemRjSFfBr26C6yI2iKZvB7Vo7TINTs-WPg
Domain
1haft.com
URL
https://1haft.com/Media/Banners/Banner1645137_105.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Banners/FITSHOW24-1450.png
Domain
1haft.com
URL
https://1haft.com/Media/Banners/Banner1643251_103.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Banners/Banner1643230_101.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Logos/3031334.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Logos/313252.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Logos/323432.PNG
Domain
1haft.com
URL
https://1haft.com/Media/Venues/Venue28313129_12.PNG
Domain
1haft.com
URL
https://1haft.com/Content/leaflet/leaflet.js
Domain
1haft.com
URL
https://1haft.com/Content/leaflet/leaflet.css
Domain
1haft.com
URL
https://1haft.com/Media/Logos/010201037-31357.png
Domain
1haft.com
URL
https://1haft.com/Scripts/bootstrap.js
Domain
1haft.com
URL
https://1haft.com/Scripts/popper.min.js
Domain
1haft.com
URL
https://1haft.com/Scripts/bootstrap.bundle.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/PACE/pace.min.js
Domain
1haft.com
URL
https://1haft.com/Scripts/modernizr.min.js
Domain
1haft.com
URL
https://1haft.com/Scripts/jquery.appear.js
Domain
1haft.com
URL
https://1haft.com/plugins/overlayScrollbars/js/jquery.overlayScrollbars.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/toastr/toastr.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/dropify/js/dropify.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/apexcharts-bundle/js/apexcharts.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/purecounter/purecounter_vanilla.js
Domain
1haft.com
URL
https://1haft.com/plugins/EasyPieChart/easypiechart.min.js
Domain
1haft.com
URL
https://1haft.com/plugins/EasyPieChart/jquery.easypiechart.min.js
Domain
1haft.com
URL
https://1haft.com/Scripts/bs-init.js
Domain
1haft.com
URL
https://1haft.com/Scripts/site.js
Domain
1haft.com
URL
https://1haft.com/Media/Images/PARABG-10856174348.PNG
Domain
1haft.com
URL
https://1haft.com/Content/fonts/Cairo-Regular.ttf.woff
Domain
1haft.com
URL
https://1haft.com/media/images/reg-keyboard.jpg

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer object| html5 object| Modernizr object| FontAwesomeKitConfig function| Color function| Chart object| theForm function| __doPostBack function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $removeHandler function| $get function| $find function| $addHandler function| $addHandlers function| $clearHandlers function| Type object| Sys object| _events function| $ function| jQuery function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| GridView function| GridView_createPropertyString function| GridView_setStateValue function| GridView_OnCallback function| GridView_getHiddenFieldContents function| createPropertyStringFromValues_GridView function| DetailsView function| DetailsView_createPropertyString function| DetailsView_setStateValue function| DetailsView_OnCallback function| DetailsView_getHiddenFieldContents function| createPropertyStringFromValues_DetailsView function| TreeView_HoverNode function| TreeView_GetNodeText function| TreeView_PopulateNode function| TreeView_ProcessNodeData function| TreeView_SelectNode function| TreeView_ToggleNode function| TreeView_UnhoverNode function| Point function| __wpTranslateOffset function| __wpGetPageEventLocation function| __wpClearSelection function| WebPart function| WebPart_Dispose function| WebPart_OnMouseDown function| WebPart_OnDragStart function| WebPart_OnDrag function| WebPart_OnDragEnd function| WebPart_GetParentWebPartElement function| WebPart_UpdatePosition function| Zone function| Zone_Dispose function| Zone_OnDragEnter function| Zone_OnDragOver function| Zone_OnDrop function| Zone_GetParentZoneElement function| Zone_AddWebPart function| Zone_ToggleDropCues function| Zone_GetWebPartIndex function| Zone_UpdatePosition function| WebPartDragState function| WebPartMenu function| WebPartMenu_Dispose function| WebPartMenu_Show function| WebPartMenu_Hide function| WebPartMenu_Hover function| WebPartMenu_Unhover function| WebPartMenu_OnClick function| WebPartMenu_OnKeyPress function| WebPartMenu_OnMouseEnter function| WebPartMenu_OnMouseLeave function| WebPartManager function| WebPartManager_Dispose function| WebPartManager_AddZone function| WebPartManager_IsDragDropEnabled function| WebPartManager_DragDrop function| WebPartManager_InitiateWebPartDragDrop function| WebPartManager_CompleteWebPartDragDrop function| WebPartManager_ContinueWebPartDragDrop function| WebPartManager_Execute function| WebPartManager_ProcessWebPartDragEnter function| WebPartManager_ProcessWebPartDragOver function| WebPartManager_ProcessWebPartDrop function| WebPartManager_ShowHelp function| WebPartManager_ExportWebPart function| WebPartManager_UpdatePositions function| WebPartManager_SubmitPage object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes object| __wpm number| countDownDate number| x

10 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: e6bb07284d4c4489a6690c8c63e56bba
.fitshow.me/ Name: _ga
Value: GA1.1.1993886051.1717820974
.fitshow.me/ Name: _scid
Value: f1c38443-9857-404a-89ef-38debcdfa539
.fitshow.me/ Name: _scid_r
Value: f1c38443-9857-404a-89ef-38debcdfa539
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.tiktok.com/ Name: _ttp
Value: 2ha8kwlnQ3P63rSyoWxUQ2PdejO
.fitshow.me/ Name: _tt_enable_cookie
Value: 1
.fitshow.me/ Name: _ttp
Value: 8_M83_zZE-HtdP1wAeQ_6VsrJui
1haft.com/ Name: ASP.NET_SessionId
Value: gc31tbhy0acz0dqnir31ioqt
.fitshow.me/ Name: _ga_6QXWGFZYE9
Value: GS1.1.1717820974.1.0.1717820976.58.0.1307437452

9 Console Messages

Source Level URL
Text
security error URL: https://fitshow.me/
Message:
Mixed Content: The page at 'https://fitshow.me/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fitshow.me/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1haft.com
analytics.tiktok.com
cdnjs.cloudflare.com
fitshow.me
fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
sc-static.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.snapchat.com
tr6.snapchat.com
www.google.de
www.googletagmanager.com
1haft.com
fonts.googleapis.com
pagead2.googlesyndication.com
143.204.207.250
192.185.6.227
2001:4860:4802:32::36
23.33.238.33
2600:1901:0:7628::
2606:4700:3034::6815:1adf
2606:4700:4400::ac40:93bc
2606:4700::6811:180e
2a00:1450:4001:801::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c06::9b
35.190.43.134
02aeb605e10504d5e55890585dfd20c3edb9d4c16a9d958b46dc29051e0fb840
0f93ef184faa777f6603e0649edafcc0e27edc083e44fcd258c78c94844d7c4d
10f669e094fc908dba6761baa473026ac814cc09e5248f9f1ae89f2cebad0f83
122d64fb6a133fd94d4617efed62fbc6af96d1bc68249598e51249c2d03398ba
13c358b65ecb3c2de9301565fd5105d17bab41a940415eb24585152b122da3db
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
3b39139aa6d06e1dde861c568cabcb3912826ffd1d40f821b0ed565b8bafbd15
446a335a2aa61f762826843ff5ce0b06db98893d9be41db28a34baac5c195eca
4ee529e8984f23ca77bac808e6a6cbe87ce0994a48428f15c920451e041a712c
53b44ed6a769aa8b53fa918d8a6c97b1370be827cb92fefeb3975eceffb906fc
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
594e60989897c3fe7e623be3e586d11d1e80d5288270d9604ab2b492d79cbcc9
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7428669133ec3ec4d5d771d4d78e6e16dc9385d6fa189a537276246b679f6a63
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fa9ae9d3911e1d7d2a3490afc5f630617962a5b79ef17d71ea022d48be0ed4d
8127882d8fd8c3ae03cd83f27c04a4b65493c3e2f5e4598669e6e6d3f085c8cc
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
9f11cd09a56a90480c216c77a28d7e4d89459e72bcc8482fdfb6e93f4b26aef8
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
b401ee49937689565e5a4a01fb38cdf1338ea927e6b5bfb922093d933a859418
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b696d943a5d725768a59d00a9fa7bd14c73d3f97340eabf55268b25cddc877ca
b73deef1d78b34453a5206625c6f7aa02d4a1e07d9e0414efd949973792ca824
bbcaea2f5270b092d8de9217541148a27a51880cd5029f612d69f2c38d6c2aba
c33d2eeb46f41ebdccc2b62b178a76466645fc91a640c3e718a9999a6b4b9965
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e0d16d4e797dd900cac089c1fcd46dd1b59d895281a575ae94e0a50ea632179f
e2171e3fc590e7826cda590a01fb070c9403917547de51f1369d5a0e37a94668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e746173053ad483c30054c8e4bdeea6ad986465718e8bd3f6b74175505705077
e990f8dc1bd63d503bdbadbaef7a75e2ea34c29ecbbdd12a0eaabeb420143643
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26c2194a39f9093b42c3a0723d61b0a641864b7a39da8ff55df4b0ab7b63604
f69bd3e20023b4fd03f3ed5eea76e2a06504a53574a1c71b76ca6ff76f250d22
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e